A TREND MICRO BLOG

Jul 29

ZF05, Kaminsky = 0wned, Mitnick = 0wned

Rik Ferguson

Filed under: Hacking, Opinion, Site Compromise | RSS 2.0 | TB | Tags: , , , , , | 8 Comments

The hacker group Zero for Owned have released their latest zine, and this time, in their own words it’s “a big one”. The group claim to have compromised Kevin Mitnick and Dan Kaminsky to name just the two highest profile victims. The timing of the release can be no coincidence, with BlackHat opening this week.
 
 

The release was probably also embarrassing for victim Kaminsky, his own website DoxPara Research was defaced and bore the simple message. “Oh sh_t, Dan Kaminskyis 0wned and f_cked Up. Check doxpara.com/zf05.txt. July 28, 2009 | Filed Under Uncategorized”. The defacement was quickly cleaned up and as of this writing the site remains offline, but the file is out there now, with all its sensitive content.
 
 

The text file in question is of course the zine, all 1.2MB of it, the intro for which says;
 
intro1

  

As the document progresses, the group go on to detail information stolen from notable security researchers and online “hacker” forums including many passwords, private keys, configurations and personal correspondence.

  

Why do they do this? Well again in the words of ZF0

Are you professional types really this out of touch? I see all these papers about how to protect yourself from these super-fu__ing-advanced techniques and exploits that very few people can actually develop, and most hackers will NEVER USE. It’s the simple stuff that works now, and will continue to work years into the future. Not only is it way easier to dev for simple mistakes, but they are easier to find and are more plentiful. 
 
[...]

Very few whitehats actually go out there and provide a service where they make people more secure. Not just for a day or a month. Are you genuinely fixing the underlying design and logic flaws that generate security problems for your clients or customers? If you actually clean up every exposed security flaw they have, will they still be “secure” in six months or a year?

We could go on. Just in general, the industry is failing. Flat out failing.

 

I certainly don’t agree with the methods used, and while I would never lay claim to being a hacker (of any coloured hat); it is absolutely true to say that far too many individuals and corporations continue leave themselves open to compromise through errors of omission, misconfiguration and unpatched/unhardened systems. According to this zine, that even includes the professionals. (The part that I snipped goes on to detail their objections to full-disclosure, but to be honest that is worthy of a seperate discussion in itself. )

  

When the low hanging fruit is so plentiful, the bad guys have no need to climb up the tree of complexity to steal your information and compromise your systems, that much is certainly true. In fact the lessons that can be learned from this kind of event are manifold, and certainly more than can be squeezed into a single blog post, have a look at Rafa Los’ Digital Soapbox  for other observations about the implications of this zine.
 
 

The “Last Words” from the zine:
 
conc


Bookmark
| More

This entry was posted on Wednesday, 29. July 2009 and is filed under "Hacking, Opinion, Site Compromise". You can follow any responses to this entry with RSS 2.0. You can leave a response here, or send a trackback from your own site.

8 Comments

  1. Wednesday, 29. July 2009 um 6:41 pm

    zfo or zero for owned is nothing more than some kid who sits around scanning with a vulnerability scanner and pastes everything that they find into notepad with some ascii art and some lines they picked up from a movie or two.
    Ever notice all the useless info stuffed into the so called “zines” (see: .txt file)?
    Its all included because they dont know whats useful information and what isnt. They just dump what the software spits out into the txt… then crack some hashes using readily available programs and hope for the targets re-using their passwords to access email accounts, etc and talk alot of garbarge.

    The only thing vaguely interesting about it is the fact that so many people are still re-using passwords, using weak ones, and running vulnerable unpatched software. As long as that continues, expect these idiots to be around trying to gain some sort of a name for themselves for a while.

  2. Thursday, 30. July 2009 um 6:23 am

    [...] ZF05, Kaminsky = 0wned, Mitnick = 0wned » CounterMeasures. [...]

  3. Friday, 31. July 2009 um 12:08 am

    [...] Autre lien (Anglais) : countermeasures.trendmicro.eu [...]

  4. Friday, 31. July 2009 um 2:27 am

    Are you Dan Kaminsky?

  5. Friday, 31. July 2009 um 10:34 am

    Nope.

  6. Tuesday, 4. August 2009 um 5:42 am

    So who exactly is Zero For Owned? There does not seem to be that much info on the net about them. I wonder why these guys are staying below the radar underground.

  7. Friday, 14. August 2009 um 6:53 am

    That anon guy up above is a f****ng idiot. We aren’t talking about hacking some kindergarden teacher here, we’re talking about how zf0 hacked Mitnick for god’s sake.

    Please Anon, hang up your hat–be it white or black, you’re really too stupid to even be typing s**t on a keyboard.

    Mitnick seriously epitomized the failures of computer ’security.’ He made millions off of people’s gullibility, like deception was something he invented. And yet he takes credit for it, labels it ’social engineering’, and profits at other’s expenses. Psychologists are better able to tell you about deception and coercion, not some overpaid **** ***.

  8. Sunday, 8. November 2009 um 11:59 pm

    @Anon: you are wrong … so wrong. i sense the frustration …

Leave a comment

XHTML allowed tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Spam protection

© Copyright 2010 Trend Micro Inc. All rights reserved.
Legal Notice. Disclaimer