Forwarded From: 7Pillars Partners <partners@sirius.infonex.com>
Swedish Crackers Taunt Mac Fans
by James Glave
10:25 a.m. 5.Jan.99.PST
Apple and Intel in a merger of epic proportions. Heckuva story, isn't it?
It would be, if it were true.
A couple of Swedish crackers breached the Web sites for Macworld and
MacWeek magazines Monday night and planted the bogus scoop.
"Today, Apple and Intel released the shocking news that they now have
merged into APTEL Inc., starting a new line of Computer Systems featuring
the Intel Pentium II processor and Linux Slackware Operating System," the
fake story read.
The crackers, calling themselves Sobber and Freddie, played a game of cat
and mouse with the Mac Publishing technical administrator, republishing
the story to the site around 20 times late Monday and early Tuesday.
The attack occurred on the eve of Macworld Expo in San Francisco, Apple's
annual celebration of its platform.
In an Internet relay chat interview with Freddie on Tuesday morning, the
24-year-old said that he replaced the page "just for a laugh ... and also
to give 'em a li'l beating for not patching such an obvious hole."
He was referring to a vulnerability in a version of the Solaris operating
system known as "rpc.ttdbserver." The exploit is known as a remote buffer
overflow, which occurs when the machine is given a value that is much
longer than expected.
They then hid a "back door" program on the Web server that gave them
access to the sites long after Mac Publishing content engineer Jeff Cheney
patched the initial hole. Freddie said they posted the cracked page
roughly 20 times in a game of cat and mouse with Cheney. Early Tuesday, a
weary Cheney was still digging through his system, trying to find where
they had hidden their back door code.
"I didn't find a lot of humor in it," said Cheney. "I have been wondering
a lot about the motives of a person who does such a thing ... other than
that I know that our security wasn't as good as it should have been."
Mac Publishing's director of online content said the prank was "highly
irritating," given that the crack was done just as the Macintosh's biggest
event of the year was about to start.
Though he has responded to a few emails from concerned readers, Matthew
Rothenberg said "this is pretty obvious to anyone who is clued in that
this is graffiti. I would be more concerned if it looked authentic."
The text quoted Tom Graham, a fictitious Apple executive, stating that the
Linux operating system is the way of the future: "With our merger with
Intel, Microsoft won't stand a chance, so UP YOURS Bill Gates!"
"Sources inside Intel have confirmed for MacWeek that the new Intel
processors will have a built-in bug that will make it incompatible with
Microsoft Windows," the story continued.
The pair taunted technical staff by posting a related -- if inarticulate
-- fake news story about their own capture and punishment for the prank.
"The hackers will now spend 6 months of cow milking on a farm locate in
the southern parts of Sweden."
As of 8 a.m. PST Tuesday, Freddie said he still had access to the sites,
and proved it during the interview by changing the Macworld page.
The hole was sealed for good a few hours later after Freddie informed
Cheney through Wired News where he was hiding his back door program.
"I have no interest in making 'em suffer too much," Freddie said. "And I
think they got it now that security is nothing to take lightly."
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
Received on Tue Jan 5 19:36:43 1999