Dear All This posting will certainly raise your eyebrows. Especially, AccessIndia had a taste of it with Devdas Kamble also being one of the victim of this hack. We got a posting on the list which was not really made by him,for which action was taken against him.
We shall be restoring his privelleges as before. Read on for the full story. Harish Kotian Quoting: -----Original Message----- From: Devdas kamble [mailto:[email protected] Sent: 29 September 2011 16:05 To: [email protected] Cc: Kotian, H P Subject: Fwd: about bangladeshi hacker ---------- Forwarded message ---------- From: kunal kamble <[email protected]> Date: Thu, 29 Sep 2011 00:31:14 +0530 Subject: about bangladeshi hacker To: [email protected] *A BANGLADESHI HACKER* has managed to break into the computer infrastructure of a company called Inmotion Hosting and defaced hundreds of thousands of web sites hosted on its servers. According to the US web hosting provider<http://www.inmotionhosting.com/20110925-systems-announcement.html>, its administrators noticed an attack in progress at around 4am EST on 25 September and immediately moved to block it. The hacker, who calls himself TiGER-M@TE and previously defaced Google Bangladesh, tried to replace the index.php of all Inmotion-hosted web sites to which he gained access. It's not clear how many he managed to deface before being locked out of the system, but his submission to the Zone-H defacement archive resulted in the web site's server crashing. Nevertheless, over one hundred thousand requests went through, with his Zone-H profile <http://zone-h.org/archive/notifier=TiGER-M@TE> now listing 167,054 new defacements. A separate text file uploaded by the hacker online contains over 730,000 domain names corresponding to web sites hosted at Inmotion Hosting. Defaced web sites displayed an image reading "HACKED", the hacker's name and the usual "greetz" hackers leave during such attacks. But TiGER-M@TE didn't just replace the index.php file in every home directory. He did it for all sub-directories as well, making manual cleanup much harder for webmasters. Fortunately, the company developed an automated system to restore the original files from backups, a process that lasted until late in the day. At 11pm Inmotion reported that it had repaired most of its customers' web sites. "The majority of the automated repairs for shared have taken place at this time. We will continue to do repairs as possible tonight and tomorrow. If your site is showing a directory listing instead of your site, you will need to upload a replacement," the company said in an update on its web site. It's not exactly clear how TiGER-M@TE broke in, but Inmotion's security teamsuspects a vulnerability in an authentication system<http://twitter.com/#!/inmotionhosting/status/117953464050520064>. Customer access to Cpanel, a popular web site configuration and management application, was disabled by Inmotion soon after it detected the attack Notice: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this email by error, please notify us by return e-mail or telephone and immediately and permanently delete the message and any attachments. The recipient should check this email and any attachments for the presence of viruses. The Reserve Bank of India accepts no liability for any damage caused by any virus transmitted by this email. Register for AccessIndia convention 2011(November 12-13) at: http://www.accessindia.org.in/harish/convention.htm Search for old postings at: http://www.mail-archive.com/[email protected]/ To unsubscribe send a message to [email protected] with the subject unsubscribe. To change your subscription to digest mode or make any other changes, please visit the list home page at http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.in
