Security Incidents mailing list archives
Paypal.com hosting IRC server, possible hack?
From: mistymountainhop () hushmail com
Date: Thu, 23 Jan 2003 21:23:54 -0800
A system on the Paypal.com domain is hosting an IRC server. Historically, IRC servers have had security issues, and they continue to be high-profile targets. I am not sure if these servers are being intentionally run by a Paypal.com administrator, or if they have been set up by crackers to use Paypal.coms bandwidth. The IRC server was recently introduced to an IRC network, EnterTheGame (http://www.enterthegame.com), as ca.enterthegame.com: [user@box ~]$ nslookup ca.enterthegame.com Name: irc.enterthegame.com Addresses: 209.131.67.21, 216.136.154.43, 209.131.67.20 Aliases: ca.enterthegame.com [user@box ~]$ nslookup 216.136.154.43 Name: node-216-136-154-43.networks.paypal.com Address: 216.136.154.43 Aliases: 43.154.136.216.in-addr.arpa [user@box ~]$ nc node-216-136-154-43.networks.paypal.com 6667 :Ca.EnterTheGame.Com NOTICE AUTH :*** Looking up your hostname... :Ca.EnterTheGame.Com NOTICE AUTH :*** Checking Ident :Ca.EnterTheGame.Com NOTICE AUTH :*** Found your hostname :Ca.EnterTheGame.Com NOTICE AUTH :*** No Ident response Im not sure if this server is being intentionally hosted, or if its the work of crackers who have obtained access to a Paypal.com system. If the server is being intentionally hosted, the Paypal administrators are knowingly subjecting their customers and investors to additional security risks. Moreover, being part of an IRC network may subject Paypal.com to the actions of the IRC users, which may include allowing or promoting the distribution of illegal software. If Paypal is not intentionally hosting the server, it is safe to assume that they have been cracked and customer data (names, credit cards, and more), as well as Paypal and Ebays internal network, is at risk of compromise. Contact information for EnterTheGame, which was obtained from http://www.enterthegame.com, are the email addresses info () enterthegame com, press () enterthegame com, and support () enterthegame com. Inquiring emails to Paypal.com were not answered after 48 hours. Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Big $$$ to be made with the HushMail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Paypal.com hosting IRC server, possible hack? mistymountainhop (Jan 25)
- Re: Paypal.com hosting IRC server, possible hack? dtm (Jan 26)