Moore, the creator of the popular Metasploit hacking toolkit has become the victim of a computer attack. It happened on Tuesday morning, when Moore's company, BreakingPoint had some of its Internet traffic redirected to a fake Google page that was being run by a scammer. According to Moore, the hacker was able to do this by launching what's known as a cache poisoning attack on a DNS server on AT&T's network that was serving the Austin, Texas area. One of BreakingPoint's servers was forwarding DNS traffic to the AT&T server, so when it was compromised, so was HD Moore's company.
Update:
Some clarification has been posted by H D Moore of Metasploit regarding the story and miss-quotes:
In a recent conversation with Robert McMillan (IDG), I described an in-the-wild attack against one of AT&T's DNS cache servers, specifically one that was configured as an upstream forwarder for an internal DNS machine at BreakingPoint Systems. The attackers had replaced the cache entry for www.google.com with a web page that loaded advertisements hidden inside an iframe. This attack affected anyone in the Austin, Texas region using that AT&T Internet Services (previously SBC) DNS server. The attack itself was not malicious, did not load malware, and from an operational standpoint, had zero impact. I contacted the ISP, worked with our IT folks to switch forwarding services, and wrote a cache auditing tool. I found the "wild" attack interesting, so in a conversation with Robert McMillan, I brought up the incident and forwarded the associated logs and notes. Shortly after our conversation, Mr. McMillan published an article with a sensationalist title, that while containing most of the facts, attributed a quote to me that I simply did not say. Specifically, "It's funny," he said. "I got owned."
Read full story: PC World
To post comments, please login or create an account.
Sponsored byThreat Intelligence Platform
Sponsored byAvenue4 LLC
Sponsored byVerisign
Sponsored byVerisign
Sponsored byAfilias
Sponsored byWhoisXML API
Sponsored byAppDetex
Sponsored byAfilias
To be fair, HD Moore has written his own account of this interview/article, and takes issue with several points.
- ferg
We have added an update to the post above as well.