Hackers gain access to all .edu domains

May 7, 2013 – 5:09 PM

The hacker collective “Hack the Planet” (HTP) has claimed responsibility for an attack on MIT (Massachusetts Institute of Technology) computer systems in late January, in which it claims to have briefly taken control of the university’s domain, redirected email traffic, and obtained administrator access to all .edu domains. HTP also claims to have compromised web servers for other sites, including security tool Nmap, network security service Sucuri, IT security company Trend Micro, and network analysis tool Wireshark.

Some of the hacks made use of a zero-day exploit, which the group has now taken the opportunity to disclose, against a vulnerability in the MoinMoin wiki system. Hack the Planet has also released information about an exploit against web servers running ColdFusion 9 or 10. The group claims to have used a variant of this exploit for their April attack on hosting company Linode.

HTP are a pretty hardcore bunch, though they are keen to stress their adherence to hacking’s code of honour on their trawls through the web. In contrast to the carefree approach practised by more chaos-loving hackers of the LulzSec ilk, which involves simply pasting everything they uncover online, they appear to be more concerned with bragging rights. They document their deeds in old-school zines, consisting of scorn-laden ASCII documents with detailed descriptions of their adventures.

According to the latest zine, HTP has obtained access to a number of servers, including servers hosting the Nagios, Mono, Pastie, and SQLite projects. The hackers even claim to have compromised ICANN and the SourceForge backbone. They have published around 7500 .edu domain records together with unsalted MD5 password hashes. Nearly half (around 3400) of the records also include the password as plain text. In view of the speed with which it is possible to try out MD5 hashes, it is likely to be only a matter of time before the remainder are cracked. The registrar has declined to comment on whether or not it has a firm grip on the threat this poses.


You must be logged in to post a comment.