View Full Version : Hackers Hijack Cryptome and Delete Everything

17th October 2010, 10:43 AM
The longstanding whistleblower website Cryptome.org has been hacked during the weekend and all of the 54,000 files hosted on it have been deleted.

Cryptome publishes sensitive leaked documents and is ran by a long-time civil liberties activist named John Young, who co-founded the site in 1996.

The attack began during the early hours of October 2nd with the hacking of an Earthlink email address associated with the domain name.

The hackers then contacted the site's hosting provider, Network Solutions, from the compromised mailbox and requested information about the Cryptome's accounts.

There is no information to suggest that Network Solutions gave hackers control over the site's management panel, but they did somehow manage to get in.

They proceeded to delete all of the 54,000 files (around 7 GB) hosted in the account, changed the password and replaced the index page.

Theere were two separate versions of rogue home pages uploaded. One credited a hacker named "Trainreq" for the attack and the other one calling himself "RuxPin".

The pages reference "EBK" and "Defiant," two of the hackers convicted for hijacking the Comcast.net domain back in May 2008.

Kryogeniks, the group of defacers "EBK" and "Defiant" were members of, is also mentioned and so is Bradley Manning, the Army intelligence analyst suspected of leaking classified data to Wikileaks.

"A person wrote claiming to know who did the hack. No way to know if this claim is true. Hackers, like spies, often blame one another to cover their tracks.

"Blocking attacks is nearly impossible due to the purposefully weak security of the Internet. Nearly all security methods are bogus.

"A competent hacker or spy, or the two working together, can penetrate easily. We monitor and keep back-ups ready. And do not trust our ISP, email provider and officials to tell the truth or protect us," a statement from Cryptome reads.

This is the second successful Cryptome.org hack in fourteen years. The previous incident occurred in 2003 and also involved all files being deleted.

Back in February, the site was temporarily suspended by Network Solutions due to a DMCA notice from Microsoft regarding the company's "Global Criminal Compliance Handbook," which Cryptome published.

Then in March, PayPal suspended the account used by the site to receive donations from users, forcing John Young to refund $5,300.