Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
[ISN] Pro-Napster Hacker Warns Against Arrest
From: Nelson Murilo (nelsonPANGEIA.COM.BR)
Date: Fri Aug 18 2000 - 19:14:56 CDT
Friday August 18 04:17 PM EDT
Pro-Napster Hacker Warns Against Arrest
NEW YORK (APBnews.com) -- The alleged "hacktivist" who may have
defaced as many as 60 Web sites in the past week with a pro-Napster
screed now warns that fellow hackers will unleash widespread
cyberattacks if federal authorities attempt to collar any suspects.
The hacker goes by the online handle "Pimpshiz" and has posted an
e-mail alias on each site that has been defaced. Someone using that
alias contacted an APBnews.com reporter and claimed responsibility for
"I'm sure I'll get arrested," Pimpshiz wrote in an e-mail. "Just be
aware there will be a huge chain-reaction\aftermath when I get
'Mass destruction' planned
Minutes later another writer, "Ryan," an alleged acquaintance, said in
an e-mail message that Pimpshiz should not face criminal penalties.
Property hasn't been damaged, Ryan wrote, the defacements merely
showed how vulnerable Microsoft operating systems are.
"If the FBI arrests Pimpshiz, hundreds of hackers are on standby to
cause mass destruction," Ryan warned.
No other details of the possible "after-strike" -- such as likely
targets or type of attack -- were offered by either writer.
Conspiracy charges possible
FBI spokeswoman Debra Weierman in Washington said National
Infrastructure Protection Center investigators are still looking into
the rash of Web site intrusions that allegedly carried Pimpshiz's
She said if the warning by Pimpshiz proved true, and further attacks
were perpetrated as the result of an eventual arrest, then conspiracy
charges could be lumped on top of possible computer fraud and
The defacements appear to have started as early as Aug. 8, with the
hacker allegedly replacing the index pages of a strange assortment of
Web sites with a rambling message deriding rock band Metallica for
filing suit against online music-sharing system Napster.
The message stated that Napster has been wrongly targeted by copyright
infringement lawsuits that almost shut down the company last month.
Claims to be 11-year-old girl
In e-mail messages to APBnews.com, Pimpshiz claimed to be a "baggy
pants wearing, rap listening" 11-year-old girl -- unusual, if ever
proven true, since most hackers and crackers engaged in malicious
online activity are teenaged boys.
She is not a Napster user, the hacker repeated, but wanted to speak
out about a perceived injustice.
"I am doing this to show others how I see this matter," Pimpshiz
wrote. "I want people to see my perspective."
Sites picked at random
The hacker wrote that the bizarre choice of victim sites -- which
allegedly included a commercial roofing contractor in Palatine, Ill.
-- were picked randomly. Pimpshiz claimed to have hacked 60 sites.
Four sites operated by King World Productions were temporarily
defaced, said company webmaster Nick Roller, including the online
presence of TV's Roseanne Barr Show, The Martin Short Show, Inside
Edition and its corporate site.
Pimpshiz said the King World sites were picked because they are
Attrition.org, a hacker news site, lists other victims as including
Honda U.K., TDK and 800shoes.com.
Exploited Windows bugs
When asked by a reporter how access was gained to secure Web servers
such as those operated by King World, Pimpshiz replied: "With a
vulnerability in IIS 4 and 5.0."
Cybersecurity analyst Elias Levy of SecurityFocus.com said that answer
doesn't reveal much, but it apparently refers to known bugs in
Microsoft's Windows NT Web servers.
"There have been a few IIS vulnerabilities recently, but they mostly
deal with being able to read the source code to Web scripts," he said.
"Nothing that would let you take over the Web site all that easily,
unless you found a problem in the script source code."
Ray Kaplan, a computer security consultant at Guardent Inc. in St.
Paul, Minn., said the defacements appear to be nothing new or
"It's the same old penetration," he said. "You figure out what
software people are running, and go find the exploit and take
advantage of it."
By James Gordon Meek, an APBnews.com editor.
Copyright © 2000 Yahoo! and APB Online. All Rights Reserved.
ISN is hosted by SecurityFocus.com
To unsubscribe email LISTSERVSecurityFocus.com with a message body of