A group of Internet vandals calling themselves Sm0ked Crew has hit the Web sites of technology giants Hewlett-Packard, Compaq Computer, Gateway and Intel.
Other victims include AltaVista and Disney's Go.com.
Attrition.org, an independent organisation that records hacking incidents, reported that Sm0ked Crew had defaced HP's e-learning site, a Compaq Europe, Middle East and Africa page, and one of Alta Vista's shopping sites this week.
When contacted, a Singapore-based HP spokeswoman said she could not provide further details on the hacking. Compaq Asia-Pacific spokesman Choy Boon Yew confirmed that the defaced site belonged to its EMEA business unit.
"Our corporate office has identified and isolated the site...further investigations are being carried out. From our initial understanding, this is an extremely minor site. We have checked all our major sites, and they are in perfect condition," Choy said in an email response.
The affected HP and Compaq sites carried a message from the hackers: "Admin, You just got Sm0ked.
This site was hacked by Sm0ked crew. Hacked by splurge and The-Rev. Greetz dislexik, nouse, system33r, italguy, B_Real and anyone I forgot, sm0kedcrew@hushmail.com."
Last December, HP Hong Kong's Web site was defaced by another group called "antihackerlink" with the message: "The Satan of Bill is Here!"
AltaVista, Intel hacked
AltaVista spokeswoman Tracy Roberts acknowledged that one of the company's sites had been hacked but could not provide further details.
According to an Attrition.org report, Sm0ked Crew had hacked into a server belonging to Intel, which provides Web access to product support documents.
"The server has been removed from our network, and we are working to restore the service in the next few hours," she said, claiming that there was "no confidential, financial or Intel employee information on this site...there was also no business impact."
"Intel is currently investigating the incident, and we're not prepared to discuss specifics," Toh added.
Sm0ked Crew left this message for Intel: "Owned by sm0ked crew. The-Rev gives another admin a nice headache. Greets to DownKaos - ApocalypseDow - datagram - gM - blachz - B_Real - pimpshiz. Intel is blocking my HTML transfer so no pretty webpage, sorry. Questions, email me at sm0kedcrew@hushmail.com. Hi Blackdog."
Apart from the hackings, the defaced HP, Compaq, AltaVista and Intel sites had another thing in common--the operating system in question was Windows NT and the Web server IIS/4.0.
According to Attrition.org, Sm0ked Crew also defaced the following sites in February: CompUSA, Louisiana State University Medical Center, Taipei City Government, Terra Lycos, Board of Foreign Trade (Taiwan), and University of South Florida.
It's nice that they comment that the platform was NT and IIS 4.0, but it would have been better if they informed us whether the site was properly secured. Was an ICSA firewall installed and properly configured? Was SP6 installed on NT? Were all the latest security fixes applied to NT? What exploit was used, maybe all of us need to know so that we can avoid it in the future.
Articles like this really need some specifics, otherwise it is merely useless information that doesn't include information needed to protect all of our sites around the world.
Eric Svetcov
Editor, IThell.com
www.IThell.com
Where IT Professionals Vent!