AOL Watch: Hackers Everywhere

David Cassel (destiny@wco.com)
Mon, 14 Sep 1998 10:21:44 -0400


		      H a c k e r s   E v e r y w h e r e

~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~ 

Approaching AOL's chat rooms last Sunday, three AOL Watch readers report,
a mysterious phenomenon appeared after clicking the "Find a chat" icon. 
All the rooms had the same name. 

		"AoL HacKeD"
		"AoL HacKeD"
		"AoL HacKeD"

A former Guide reports a similar experience the same night -- though all
the room names had been changed to "oneroomisenough".

	http://www.aolwatch.org/aolhackd.jpg
	http://www.aolwatch.org/chathak2.gif
	http://www.geocities.com/SiliconValley/Horizon/1551/chathack.html

	http://www.aolwatch.org/findchat.jpg


Other AOL areas face security concerns as well.  Two days later, one Guide
reported, AOL's NetNoir area was also compromised by vandals! 

	http://www.aolwatch.org/noirhack3.htm

Last Tuesday AOL users apparently found the area's content replaced with a
message attributed to "Spin" -- expressing surprise at the ease of entry. 
"One would imagine that the folks working for NetNoir would grow in
knowledge a bit," the message reportedly taunted, "after being compromised
and vandalized twice last year, both instances occurring within about
thirty days..." 

Indeed, AOL's NetNoir area was compromised twice last December by Spin and
his band of aspiring hackers. 

	http://www.aolwatch.org/noirhack2.htm
	http://www.aolwatch.org/noirhack.htm

"Our hosts sure aren't too bright," the vandals wrote in their second
attack.  And it seems Tuesday they used the opportunity to criticize AOL's
safety again.  "Months ago, America Online implemented a mandatory new
measure of 'security' that supposedly would prevent instances such as
this," the Guide reports the message continued.  "Well, as it has been
shown in the past, you can't trust America Online with anything. Attacks
to keywords such as this one still prevail.

"It seems that those who wish to stop this from happening have no power
whatsoever over the situation." 

When reached for comment, NetNoir President and CEO David Ellington had
only one response -- "We do not comment on vandalism or hacker activities"
-- but in December, after the first attack, Ellington had told AOL Watch
confidently that "We think we figured out how they got in."  Attackers
struck again less than three weeks later.... 

But even in December, Ellington's confidence was low.  "There's always
gonna be something," he had added.  "That's the nature of this business." 
Indeed, three weeks ago, yet another AOL content area fell to Spin.  "TBB,
Spin, and Hex are all 'Real Fans' of AOL vandalism," read a message
inserted into the front page of AOL's "Real Fans" area. 

		http://www.aolwatch.org/fanhack2.htm

One of the area's staffers told AOL Watch, "It isn't the first time 'Hex
and Spin' have done this.  There was another incident back in the
spring..." 

In fact, in autumn of 1997, when the area was still called "Extreme Fans",
an attacker named "K1NG" even inserted their own headlines next to AOL's
icons. 

	"K1NG is traded to the American League." 
	"K1NG gets traded back to the national league." 
	"K1NG is inducted into the hall of fame."

			    http://www.aolwatch.org/fanshack.htm

Now some subscribers are beginning to lose confidence.  After hearing of
the altered chat room listings, one user told AOL Watch that it was "just
further proof that AOL's security is sorely lacking."

Not all the victims are on AOL.  The New York Times' web site was also
apparently hacked this weekend -- with mirror sites recording the
incident. 

	http://fearless.net/mirror/nythack/
	http://www.nihidyll.com/mirror/hacks/new_york_times_13_sept_1998.htm

But AOL's New York Times area had already fallen to attackers last summer. 
"It's fairly common that there are several cases like this every month,"
AOL's "Vice President of Integrity Assurance" conceded to the newspaper. 

	http://www.nytimes.com/library/cyber/week/050197aol.html
	http://www.aolwatch.org/nythack.htm 

In fact, in September of 1995, AOL CEO Steve Case wrote of hackers that
"it happens everywhere", and added that "when we discover hackers", AOL
"aggressively take measures to head them off."  But within days of that
announcement, hackers were posting e-mail that they'd stolen from AOL
executives to internet newsgroups.  They continued undaunted, posting
internal memos, and even Mr. Case's home address.  (In probably the most
embarrassing development, in-house e-mail about the hackers was being
circulated *by* the hackers.) 

A pall of suspicion lingers over the on-line world.  One New York
technology reporter even declined to publicize their e-mail address as a
challenge to hackers, telling AOL Watch "I wouldn't want to challenge
hackers to get into my AOL account or my other account which I have
through a local ISP.  Because I don't trust, whether rightly or wrongly,
security on the Web or on AOL overall -- and I don't underestimate the
power of hackers." 

But AOL's "hackers happen" attitude has caused subscribers to question
even legitimate content.  One AOL Watch reader suspected the MTV area on
AOL had also been attacked because the phrase "J.F. IS HERE" appeared on
the site's logo. 

The text turned out to be a promotion for an upcoming MTV program... 


THE LAST LAUGH

"Doesn't the Starr report violate AOL terms of service?" asks one AOL
Watch reader. 

Indeed, on AOL the report of special prosecutor Kenneth Starr about
President Clinton comes with a "Parental Notice" warning that "The Starr
report contains adult language and situations and may be objectionable to
some people.  While the content of this report falls within the bounds of
our Community Guidelines, it is not appropriate for children...." 

    David Cassel
    More Information - 
		 http://www.aolwatch.org
		 http://www.news.com/News/Item/0,4,17177,00.html
		 http://archive.abcnews.com/sections/tech/Silicon/silicon2.html

~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~

    Please forward with subscription information.   To subscribe to this
    list, type your correct e-mail address in the form at the bottom
    of the page at http://www.aolsucks.org -- or send e-mail to
    MAJORDOMO@AOLWATCH.ORG containing the phrase SUBSCRIBE AOLWATCH 

    To unsubscribe from the list, send a message to MAJORDOMO@AOLWATCH.ORG
    containing the phrase UNSUBSCRIBE AOLWATCH.

~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~

