Cryptome hacked - operating since 1996...
Feb 13, 2012 - "Cryptome.org is a website that has focused on publishing information about freedom of speech, cryptography, spying, and surveillance. In many ways, Cryptome is similar to Wikileaks - except it has been operating since 1996. The site is run by a New York -based architect called John Young... The hack planted an attack script on every page of Cryptome*. This script used the infamous Blackhole toolkit to gain access to vulnerable computers that visited... the attack script specifically avoids targeting IP addresses from Google to prevent Google search engine from blacklisting the site..."
13 Feb 2012 - "Because every HTML file examined has the malware Script, a complete restoration of Cryptome with clean files is underway... Symantec description of Blackhole Toolkit Website 12**... added the attacker URL, 22.214.171.124, to its malware list on 7 February 2012..."
126.96.36.199 ...Could not find a domain name corresponding to this IP address...
NetRange: 188.8.131.52 - 184.108.40.206
CIDR: 220.127.116.11/18 - Origin AS:36444
"... 344 site(s)... served content that resulted in malicious software being downloaded and installed without user consent. The last time Google tested a site on this network was on 2012-02-13, and the last time suspicious content was found was on 2012-02-13... Over the past 90 days, we found 9 site(s) on this network... that appeared to function as intermediaries for the infection of 26 other site(s)... We found 37 site(s)... that infected 73 other site(s)..."
No replies to this topic