Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

'Eddie Murphy' Hackers Demand Ransom From Rock Band

From: InfoSec News <isn () c4i org>
Date: Tue, 12 Mar 2002 00:41:55 -0600 (CST)
http://www.newsbytes.com/news/02/175103.html

By Brian McWilliams, Newsbytes
BOULDER, COLORADO, U.S.A.,
11 Mar 2002, 10:45 AM CST
 
A group calling itself "Hackers for Eddie Murphy" posted a ransom note
Sunday on the front door of the Web site operated by Colorado-based
rock band The String Cheese Incident.

According to the defacement, which appeared to be a tongue-in-cheek
hoax, the hackers demanded a payment of $1 million for the return of
the site's servers "to their normal state of well being."
 
The attackers' message, which was still viewable this morning, said
they would use the money to "jump start" production of "Beverly Hills
Cop 4," another sequel to Murphy's 1984 movie. "Beverly Hills Cop 3"  
was released in 1994.

The String Cheese Incident (SCI) is a group of former ski bums that
has become Colorado's favorite band, according to the
Stringcheeseincident.com Web site. The group's music is reminiscent of
that of the Grateful Dead.

SCI representatives were not immediately available for comment.

The defacement instructed SCI site operators simply to leave the
million dollars "at the corner of the Oak and Fifth" but did not
specify the city. The attackers did not leave any contact information.

The Web site, which appeared to be hosted by a Boulder-based Internet
service provider named Indra's Net, is running the Apache Web server
on the Red Hat Linux operating system.

The Stringcheeseincident.com server appeared to be using a vulnerable
version of the WU-FTPD file transfer program. According to a November
2001 advisory from the Computer Emergency Response Team, WU-FTPD
version 2.6.1 contains a security hole that could allow remote
attackers to take control of the server.

Aside from the main page, the rest of the SCI site pages appeared
untouched. An online ticketing section, as well as a merchandise area,
appeared to be hosted on separate servers.

The SCI site was the first defacement by Hackers for Eddie Murphy,
according to records maintained by the Alldas defacement archive.

The String Cheese Incident site is at
http://www.stringcheeseincident.com

A mirror of the SCI defacement is at
http://defaced.alldas.org/mirror/2002/03/10/www.stringcheeseincident.com/



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: