Dan Kaminsky gets hacked

by Ajit Gaddam on July 30, 2009

Noted security professional Dan Kaminsky's personal website was hacked on the eve of the Black Hat security conference. Personal information was stolen from his web server and posted online. The stolen files included private emails between Dan and other security researchers.

The following is the cached copy of Dan Kaminsky's website, which is currently offline.

Dan Kaminsky's personal website hacked

According to the note the hackers left on Dan's website at doxpara.com/zf05.txt:

We hacked Dan’s assets first through finding bugs and writing 0day, and then through abusing him giving away passwords and his silly password scheme. Check out just some of his passes: fuck.hackers, 0hn0z (root account on his mail box), fuck.omg, fuck.vps, ohhai

Five character root password? Niiiiiiice.

From .mysql_history:

SET PASSWORD FOR 'root'@'localhost' = PASSWORD('fuck.mysql');

See the pattern?
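A defender-side check for the two weaknesses the note points at: a password left in .mysql_history and one stem shared across accounts. This is an added example, not code from the original post; the sample history, the `acme.` values, the function names and the 12-character threshold are assumptions.

```python
import re
from collections import Counter

# Statements that leave a plaintext password literal in the mysql client history.
SECRET_RE = re.compile(
    r"(?:PASSWORD\s*\(\s*|IDENTIFIED\s+BY\s+|SET\s+PASSWORD\b[^=]*=\s*)(['\"])(.+?)\1",
    re.IGNORECASE,
)
# A "stem" is at least three characters followed by a separator, e.g. "acme." in "acme.mysql".
STEM_RE = re.compile(r"^([^._\-!@#]{3,}[._\-!@#]).+")

SAMPLE_HISTORY = [  # constructed sample, not data from the incident
    "_HiStOrY_V2_",
    "SET\\040PASSWORD\\040FOR\\040'root'@'localhost'\\040=\\040PASSWORD('acme.mysql');",
    "show databases;",
    "GRANT ALL ON blog.* TO 'wp'@'localhost' IDENTIFIED BY 'acme.blog';",
    "CREATE USER 'backup'@'localhost' IDENTIFIED BY 'x9!Tq0r#Lm2pVw7z';",
]

def find_secrets(history_lines):
    """Return (line_number, secret) for each password literal in the history."""
    hits = []
    for n, line in enumerate(history_lines, 1):
        line = line.replace("\\040", " ")  # libedit-built clients escape spaces
        hits += [(n, m.group(2)) for m in SECRET_RE.finditer(line)]
    return hits

def shared_stems(secrets, min_uses=2):
    """Return stems that appear in at least min_uses distinct secrets."""
    counts = Counter(m.group(1).lower() for s in set(secrets) if (m := STEM_RE.match(s)))
    return {stem: n for stem, n in counts.items() if n >= min_uses}

def audit(history_lines, min_length=12):  # min_length is an assumed policy value
    """Describe each finding without echoing the secret itself."""
    hits = find_secrets(history_lines)
    stems = shared_stems([s for _, s in hits])
    findings = []
    for n, secret in hits:
        m = STEM_RE.match(secret)
        findings.append({
            "line": n,
            "length": len(secret),
            "short": len(secret) < min_length,
            "stem_reused": bool(m and m.group(1).lower() in stems),
        })
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_HISTORY):
        print(finding)
```
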

The hackers also criticized Dan for relying on insecure blogging and hosting services to host websites, which in turn allowed access to personal data.

Dan's website used WordPress as its content management solution, with the Dropshadow WordPress theme developed by Brian Gardner.

Dan Kaminsky using WordPress as his CMS

Looking at the theme, the last development occurred around April 2007. Could the hackers have used a vulnerability in the theme itself, or did Dan have an insecure version of WordPress installed on his web server? In either case, if you use WordPress as your content management solution, it is important to think about WordPress security.

Mike August 1, 2009 at 10:36 am

If the top-notch security professionals get hacked, what hope is there for the rest of us?

Ajit Gaddam August 12, 2009 at 11:19 am

Well, it just means that sometimes the best of the security gurus are vulnerable to the same kinds of exploits and threats as everyone else. Guys like Dan Kaminsky and Kevin Mitnick who consult and provide security services to individuals or corporations to protect against these kinds of attacks are also susceptible. It also means that there is no such thing as 100% secure and there is always room to improve and step up your security.
