And here's the final bit. I'd like to think that is 100% conclusive proof of what happened.
The IP range hijacked by backconnect.net, 220.127.116.11/24 returns interesting results on google: https://staminus.thecthulhu.com/zine.txt ## Global allows ALLOW_MAIN="" ALLOW_MAIN="$ALLOW_MAIN $RFC1918 $LOCAL" ALLOW_MAIN="$ALLOW_MAIN 18.104.22.168 22.214.171.124/24 126.96.36.199/24" # Internal Backconnect.net hijacked Staminus's internal management range 188.8.131.52/24 and used that to gain further access to Staminus's systems. On Sat, Sep 17, 2016 at 11:32 PM, Sean Rose <onetrueseanr...@gmail.com> wrote: > I know Bryant Townsend (ex staminus employee), Marshal Webb (aka m_nerva, > lulzsec informant) and others from backconnect.net performed a similar > BGP hijacking against staminus earlier this year. > > https://bgpstream.com/event/21051 > > Shortly afterwards, on 10th of march a zine is released leaking the > Staminus user database and contents of several customer servers. > > The times aren't the only interesting factor here, even the format of the > release just screams m_nerva. Zines are very rare these days. So rare in > fact that the last similar zine before the staminus hack was released in > 2013 by HTP, a hacker group m_nerva was loosely affiliated with during it's > early days. > > I *strongly* believe Bryant Townsend and Marshal Webb hacked Staminus and > produced the "Fuck 'em all." zine > > > Sean Rose >