Security threats Toolkit

Kevin Mitnick site defaced by hackers

Tags:
Hacker,
Kevin Mitnick

Joris Evers CNET News

Published: 22 Aug 2006 09:00 BST

Instead of the usual description of Kevin Mitnick, his consulting services and books, the famed hacker's Web site on Sunday displayed a vulgar message.

Online vandals, apparently operating from Pakistan, broke into the computer hosting Mitnick's Web site on Sunday and replaced his front page with one of their own. As a result, four Web addresses belonging to Mitnick, including KevinMitnick.com and MitnickSecurity.com, displayed an explicit message on Mitnick and hacking.

"The Web hosting provider that hosts my sites was hacked," Mitnick told ZDNet UK's sister site, CNET News.com, in an interview on Monday. "Fortunately, I don't keep any confidential data on my Web site, so it wasn't that serious. Of course it is embarrassing to be defaced — nobody likes it."

Mitnick's name is synonymous with "notorious hacker" for many. He was caught by the FBI in 1995 after a well-publicised pursuit and spent five years behind bars for wire and computer fraud. Today he is a consultant, has written two books, and spends much of his time on the road at speaking engagements.

Mitnick heard about the defacement on Sunday afternoon, shortly after the initial compromise, he said. The attackers gained complete control over the server that hosts his site as well as others at hosting provider Hostedhere, Mitnick said. It is common that hosting companies store multiple customers' Web sites on one server.

"The attackers from Pakistan took over that whole box. There were a whole bunch of customers, including myself, but my site was the only one defaced, so I was probably the target," Mitnick said. The server was taken offline to be reinstalled, Mitnick said.

Web site defacements still occur often, but they have become less high profile in recent years as other, financially motivated threats take the spotlight.

The message placed on Mitnick's Web site started with: "ZMOG!! THE MITNICK GOTZ OWNED!!" and continues with expletives and a picture of Mitnick with some modifications. Security Web site Zone-H first reported the hack on Monday and has screenshots of the replaced Web pages.

Defacing Web sites is akin to graffiti in the brick-and-mortar world. "It is kind of stupid, they do it for the attention," Mitnick said. "When I was a hacker, I never stooped to defacing sites because that was more like vandalism, that wasn't any fun. It is more about getting in and stealth and looking around and exploring."

So far, Mitnick doesn't know how the server containing his Web site was compromised. He plans to investigate that at a later time. It could be that a security flaw on one of the other Web sites that was hosted on the same server gave the attackers a way into Mitnick's portion of the machine, he said.

"When you're with Web hosting companies, your security is as good as theirs. You just have to live with that," Mitnick said. "When you want to raise the bar, you have to set it up yourself. I don't have the time to maintain a Web site."

Hostedhere, Mitnick's hosting provider, did not immediately respond to an email seeking comment. "They do a good job. I don't think they're insecure," Mitnick said, adding that he would switch Web hosting providers only if his site was hacked continuously.

This isn't the first time that a Mitnick Web site has been defaced. Three years ago a site set up by Mitnick's supporters was repeatedly hacked. Mitnick did not operate those sites; he was not allowed to use computers at that time as part of the terms of his supervised release, he said.