Lulzsec!

Xenoxide said:
They took down Escapist with a 0-day Apache exploit from what I read. I've yet to find out how they did EVE and Minecraft though, possibly something similar (Or a DDoS).
Click to expand...

Forgive me my ignorance, I'm not a web-hosting guru.

Does this mean some websites were upgrading Apache immediately as a new version was released, without any probation period?

The company I work for is very conservative with IT (we're still running XP), and wouldn't dream of updating to the latest version of any software the day the update was released...
 
Apparently it was the "PBS.org" attack where they used the 0-day Apache exploit.

I assure you, all 3 of these affected sites are or was having a DDoS attack.
 
Last edited:
FoxEye said:
Forgive me my ignorance, I'm not a web-hosting guru.

Does this mean some websites were upgrading Apache immediately as a new version was released, without any probation period?

The company I work for is very conservative with IT (we're still running XP), and wouldn't dream of updating to the latest version of any software the day the update was released...
Click to expand...

0day usually means a brand new exploit before patches, antivirus, etc. have updated to protect against it.
 
Trying to help out the NHS with flaws in their system is a good thing, albeit illegal.
Hacking the Minecraft and EVE online server logins? Really....

It's just a publicity stunt as they've been on the news websites (technology) for the good part of a month at least. I'm sure a lot of members don't really care to participate in these pointless missions.
 
I don't think the Apache exploit that they used has been identified yet. They admitted to using it but as far as I know it's still private, so at this moment in time it's impossible to protect against because no one knows how the exploit works yet.
 
Bifröst said:
I'm sure a lot of members don't really care to participate in these pointless missions.
Click to expand...

No but then you've got to ask yourself why they're in a group with a bunch of children who are doing it in the first place. If you were just doing it to point out security flaws why would you want to associated with people who just keep hacking random services for no reason at all?
 
I have no respect for people who DDoS attack something, or who hack to do damage, but exploiting security flaws just for fun to expose those security flaws and hopefully force the developers to fix it is something I have no issue with.

If minecraft servers got hacked due to an exploit I wouldn't be too suprised as its still run by a small company, but if it was just a DDoS then its hardly anything interesting and not as big a deal as the proper hacks such as that on Sony.
 
Evilsod said:
If you were just doing it to point out security flaws why would you want to associated with people who just keep hacking random services for no reason at all?
Click to expand...

It's now obvious that they were using the "security flaws" as an excuse to hack innocent companies.

They are on a mission to irritate as many people as possible.

If they were greatly concerned about companies security they wouldn't keep this "0-day Apache" exploit private, it would be leaked on the net for all to see, that way Apache can start patching their software and people can apply the fix.

It's all about the E-peen.
 
Evilsod said:
No but then you've got to ask yourself why they're in a group with a bunch of children who are doing it in the first place. If you were just doing it to point out security flaws why would you want to associated with people who just keep hacking random services for no reason at all?
Click to expand...

Socially inept people, introverts and that's not me calling them losers. Some like to be part of a big collective, a destructive collective. Some like the fame that they get when there acts appear on big news websites. Some like to show off their talents.

There are really a lot of reason why people would do this. I would say a lot of them are craving attention IRL and not getting it so there act is an easy way of saying 'look what I did'.

Loads of reasons.
 
Last edited:
You know what, I cant wait for someone to find them out. Its not like they're quiet about what they're doing or going to do. If they constantly attack different servers around the web, it narrows down the attacker, the targets just need to compare notes.
 
Yeah the longer it goes on the easier it is to narrow down who is behind it, the targets don't need to do anything other than cooperate with law enforcement tho.

There are also tools in use now tho that can narrow down who is behind it and give other avenues for investigation skipping steps in the normal following bread cumbs back, so unless they are outside of the reach of the likes of interpol I suspect some of them will be facing the law soon enough.
 
Last edited:
If they are behind a Botnet it could take a *VERY* long time. :(

Also:

Confirms the DDoS attack..

Silly Eve have taken their entire network offline after our very simple DDoS attack. Oh well, another day, another lulz!
Click to expand...

Can't say I blame them, they probably think they've been hacked.. I mean, why would you not after all the stuff that's been going off recently.
 
It's a shame though that they are doing it to smaller dev teams. I mean Minecraft ?!? comeon thats harsh.

As mentioned in other threads and on the web why don't they try take down larger company's, granted they managed Sony and Eveonline. Why not try hit Activison Blizzard ? a multi billion dollar company ? or is that to much work for them.
 
Silly Eve have taken their entire network offline after our very simple DDoS attack. Oh well, another day, another lulz!
Click to expand...

They are failing so hard and they don't even know it. They are just endangering and generally ******* off normal, innocent people. All this because they can't get girlfriends :(

What's with all the phone call stuff? Is that how they make their money?
 
You must log in or register to reply here.
Back
Top Bottom