Zee Network -- hacked or up for cyber-blackmail?

[William Knowles <wk () C4I ORG>]

http://www.financialexpress.com/fe/daily/20001214/fco14042.html

Nivedita Mookerji & Ashu Kumar
December 13, 2000

New Delhi: The scene of the crime: www.zeetv.com. The heinous act:
Hacking-allegedly. The clues: A stream of vitriolic slogans which
hector the hacking of Zee TV's site by alleged Kashmiri separatists.
``Welcome to www.zeetv.com. Now it's Kashmir Today (Pakistan's
Territory).'' ``Save Kashmir, Zee TV is hacked...'' The mystery:
www.zeetv.com has nothing to do with the Zee Group. Call it the Case
of the Cracker Hacker. For whether www.zeetv.com was hacked on
Wednesday or not, one thing is clear: the official Website of Zee,
www.zeetelevision.com remains safe and secure. According to a Zee
spokesperson, in addition to the official Website, Zee also owns a
clutch of several others domain names such as zeenext.com and
zeenews.com-but not zeetv.com.

> From the information available at one of the domain registration
sites, Network solutions.com, it was found that the domain
name-zeetv.com-is registered in the name of an Indian named Rahul
Dholakia based in New Jersey, the US. However, the administrative,
technical and billing contacts for the domain name mention the name of
an Australian company based in Sunbury.

So just what was behind the so-called hacking attempt on Zee? There
could be four scenarios:


One: The hackers were aware that Zeetv.com has nothing to do with the
Zee Group, but chose to hack into the site in the hope that whenever a
surfer types in the URL, he or she will be fooled into thinking the
Zee site has been hacked-and therefore, the purpose of smearing Zee
with anti-India propaganda would be achieved.

Two: The mischief-maker is either the US-based registrant himself, or
a third party, probably with the consent of the registrant. The domain
name will expire on September 22, 2001, according to the information
available at Networksolutions.com. Besides propaganda for a cause or
to launch a smear campaign against Zee, there is a concern that this
could be done to exert pressure on Zee to buy out the domain name at a
higher price.

Three: The hackers have actually bought the domain name and have
simply posted content on the site in such a way that it seems the Zee
site has been hacked. Again, the idea is to catch the surfers who
unknowingly come to Zeetv.com assuming that it is the Zee Group's
domain name.

Four: The hackers are plain dumb and have hacked into the wrong site.

But while Zee's official sites are safe for now, the brand is not
untouched by the attack. For one, surfers who are unaware that this is
not the official site, might just go away believing what they see.
Also, there are a lot of domain names related to `Zee' which are
already sold out, although these are not official Zee sites. Apart
from zeetv.com, zeetv.net, zeetv.org and zeetv.co.uk have also been
registered by others. Again there are at least three `Zee' domain
names which are not sold out yet. These include zeetv.org.uk,
zeetv.uk.com and zeetv.us.com. The issue then is: is this a plain case
of hacking, or a complicated form of cyber-blackmail?


[Compromised Zee TV site at Attrition.org]
http://www.attrition.org/mirror/attrition/2000/12/13/www.zeetv.com/



*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".