Mummy's Gold Casino - Homepage hacked

spearmaster

RIP Ted
Fortunately these are only webpages which are hacked, not the software. With rare exception, most of these sites are running Microsoft IIS - needless to say, absolutely insecure even when you keep up with the latest updates on a daily basis.

Doesn't mean that *nix servers can't be hacked, but they are usually quite rare and usually through some other software, not the operating system itself.
 

GrandMaster

Ueber Meister
CAG
This guy has been extremely busy, according to
You do not have permission to view link Log in or register now.
, he has hacked several hundred websited. Jackpotsinaflash.com and some other casinos were also among the victims. All the affected sites were running Microsoft IIS on Windows 2000 or 2003.
 

elscrabinda

Active Member
PABnoaccred
PABnorogue
Do you know if particular sites were targeted? Did they all have something in common, like donating money to Bush or something?

Fair play to the guy if they did, seems a bit strange otherwise but can't disagree with the sentiment.
 

Stilcho

Dormant account
I dont know much about this hacker, but it looks like he is not a cracker. he hacks then explain on the bottom of the homepage. in the case of this sreenshot, "fix your bugs" is written on the bottom. he is getting a reputation now it looks like but not as a cracker, or did I miss something else (this is the first time I heard of him, dont know if he damage or crack any websites in the past).
 

Bruce Hamilton

Dormant account
Stilcho said:
he hacks then explain on the bottom of the homepage. in the case of this sreenshot, "fix your bugs" is written on the bottom.
In this case, someone might've wanted to download the casino software, and couldn't because of some script kiddie getting his jollies... Even if he had written "fix your bugs" on their current home page, it still qualifies as causing damage.
 

Stilcho

Dormant account
Bruce Hamilton said:
In this case, someone might've wanted to download the casino software, and couldn't because of some script kiddie getting his jollies... Even if he had written "fix your bugs" on their current home page, it still qualifies as causing damage.
or prevented someone from downloading thier software that have lots of security problems (which in this case they do), real money are invovle here, hopefully Mummy's God Casino fix their network security.

next time, it's not just a homepage that crackers will try to crack, lots of bank and customer infos they really want to get a hold on. Mummy got lucky on this one.

not trying to defend this hacker, but looks like he is the typical hacker that that will hack website and tell them whats wrong with thier networks. crackers are the ones that networkers are really tryin gto look for, they are dangerious and deadly.
 

spearmaster

RIP Ted
Stilcho said:
or prevented someone from downloading thier software that have lots of security problems (which in this case they do), real money are invovle here, hopefully Mummy's God Casino fix their network security.

next time, it's not just a homepage that crackers will try to crack, lots of bank and customer infos they really want to get a hold on. Mummy got lucky on this one.

not trying to defend this hacker, but looks like he is the typical hacker that that will hack website and tell them whats wrong with thier networks. crackers are the ones that networkers are really tryin gto look for, they are dangerious and deadly.
Not to be a spoilsport, but who in the world keeps customer info on the website?

Furthermore, exactly what security problems in the software are you referring to?

This idiot hacker hacked the website because he could, not because he was trying to help them. Typical hackers do NOT tell their victims what's wrong with their sites or networks.
 

Bruce Hamilton

Dormant account
Stilcho said:
...real money are invovle here, hopefully Mummy's God Casino fix their network security...lots of bank and customer infos they really want to get a hold on. Mummy got lucky on this one.
Customer info resides on a totally different server than their web site, and the servers run different OS. The gaming server is Microgaming, the web server is Microsoft. If someone hacked into a Microgaming server, a lot of casinos would quickly be offline and out of business. As for the web server... it is Microsoft...
 

GrandMaster

Ueber Meister
CAG
If the guy had been really malicious, he could have change the download link to point at a trojan on website administered by him. If he had called the trojan download helper, and made it to download the casino in addition to whatever nasty stuff it was designed to do, nobody may have noticed it for a long time.

It would be a good idea to publish MD5 checksums of the casino installers on the software providers' sites, so that players could check the installer is genuine and has not been corrupted or tempered with.
 

spearmaster

RIP Ted
I repeat, this is NOT the norm - there are very few hackers who can claim to be white-hat. And even then, most white-hat hackers used to be black-hat.

Don't get any bright ideas that these hackers are trying to help the websites they are hacking, because they're not. A white-hat hacker would not bother to put up a new page to show the world how clever he thinks he is.
 
Top