[Moderator: I only have a few problems with this article.
By their own admission, some things were "secured to the bone"
making me wonder if any sensitive info was compromised at all.
The "we learned from Analyzer" continues to plague these
types of article. After more truth came out about him, can
we assume these kids ran a single remote exploit and that
is the extent of their 'hacking skill'?]
Crackers: We Stole Nuke Data
by James Glave
2:02pm 3.Jun.98.PDT
Three teenage crackers say they have broken into computer systems at
India's Bhabha Atomic Research Centre , Bombay (BARC) and that they are
targeting Pakistani computers in a protest against the two nations' recent
series of nuclear weapons tests.
In an interview conducted by Internet Relay Chat -- a venue that makes it
difficult to verify correspondents' real-world identities -- the trio took
credit for altering the research center's homepage and said they had
stolen email exchanged among Indian nuclear scientists in the weeks
immediately preceding and following weapons tests last month.
"We gained total control over six of the eight servers on the
*.barc.ernet.in domain," wrote a 17-year-old calling himself savecOre, one
of the three crackers who carried out the computer intrusion. The break-in
began on Monday and continued today.
The three said that they had erased all data on two of BARC's servers as a
protest against that nation's nuclear weapons development program.
"We were able to download several thousand pages of email and research
before we decided it was time to get out," said savec0re, who did not
disclose his real-world whereabouts. The group also includes an
individual named VeNoMouS, 18, who says he lives in New Zealand, and JF,
another 18-year-old who said he's a resident of England. All three are
members of an organized cracking group called Milw0rm.
The trio mailed a number of email files to Wired News to verify their
claims. The mails appear to include detailed scientific discussions of
nuclear physics and were dated as far back as last October and as recently
as Monday.
Authenticity of the files was not confirmed, and the Indian Embassy in
Washington, DC, did not immediately respond to a request for comment.
Email queries about the incident to representatives of the Bhadha Atomic
Research Center also went unanswered.
The three crackers said they had only just begun to read through the
email, which they said contained analysis of the five nuclear blasts that
India conducted beginning 11 May. The group said they grabbed the mail and
also defaced the Indian research center's homepage, mostly for thrills,
but also to draw attention to what they said was the threat of nuclear
war.
"We disabled two of the eight servers as retaliation to the tests, but not
before our presence had been detected. This was early this Wednesday,"
wrote savec0re.
The group's aim was straightforward, the three said: They want to register
a protest against the weapons tests.
"I'm just sick of nuclear shit," said VeNoMouS, who added that he learned
how to crack from Ehud Tenebaum, aka Analyzer, the Israeli teenager
implicated in attacks on US government network earlier this year.
"If you're gonna amass data which can take [so] many lives ... at least
secure it," said savec0re.
As of this morning, the Indian research center home page was disabled, and
displayed a directory listing of the facility's Web server. This was
likely because the webmaster had deleted a spoof BARC page that the
crackers had posted. That page showed a mushroom cloud and the text "If a
nuclear war does start, you will be the first to scream ..."
The cracking trio said that they had obtained root, or administrator
level, access to the Indian servers with a recently discovered public
vulnerability in the Sendmail mail server program. The crackers claim that
BARC was using an old and buggy version of the mail program. The whole
process was completed in 13 minutes and 52 seconds, they said.
"They had certain things secured to the bone, and yet other things were
completely obsolete," said savec0re.
JF said that he had launched his attack on the Indian servers by using an
US military network machine in the .mil domain.
The crackers say they're turning their attention to Pakistani government
computer systems, claiming to have obtained topology maps for both Indian
government networks and those maintained by Islamabad. The trio said they
intend to take a closer look into Pakistan's nuclear weapons program.
News of the intrusions came a day after Jacques Gansler, US undersecretary
of defense for acquisition and technology, told an industry-military forum
that teenage crackers pose a "real threat environment" to national
security.
Peter Neumann, a critical infrastructure and security expert with SRI
International, said that the three teens weren't as much of a threat as
terrorists, but that India was "way behind" America in terms of security.
"The fact that so many systems are all so weak is the biggest threat,"
Neumann said. "[The crisis] has nothing do with teenagers and everything
to do with the fact that the US government is incapable of ratcheting up
its security."
Editor's Note: Due to the anonymous nature of Internet Relay Chat, the
real-world identities of the individuals in this story cound not be
positively confirmed.
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Thu Jun 4 09:16:53 1998