Search

Saturday, June 18, 2011

Pakistani hacker claims HP systems attack

HexCoder claims to have broken into HP FTP server and accessed 9GB of data; HP says its probing the claim


Hewlett-Packard Co. has become the latest organization to add its name to the rapidly growing list of high-profile hacking victims.
The Hacker News (THN), an online news site, this morning reported that Pakistani hacker HexCoder claims to have penetrated an HP FTP server and accessed about 9 GB of data.
A HP spokesman this afternoon said that the company is trying to verify the hacker's claims. He added that the data alleged to have been compromised is in the Japanese language. The company is working with its Japan operation to find out what might have happened.
"There's a high likelihood that this is stuff that is publicly available," the spokesman added.
THN posted several screen shots of the data HexCoder claims to have accessed from the HP system.
It's unclear from the screen shots whether any personal or financial data was compromised in the alleged attack.
The names of some of the exposed files suggest that some information might have been publicly available, as HP claimed. For instance, several of the allegedly exposed files appear to be newsletters from 2003 and 2004.
Some of the filenames that are visible in the screenshots suggest that data on systems running Japanese versions of HP Linux may have been compromised.
The news site quotes the hacker as saying: "I have done this by getting access to FTP successfully. All this by just mere stupidity! Oh and I will not share their database because its too big (9 GB)."
In an email to Computeworld, THN editor Mohit Kumar said the screenshots made available to THN show that the hacker has permissions to 777 files on the compromised system. "That means he [may have] root access, almost in FTP," Kumar said.
The screenshots made available by HexCoder suggests that information on various HP software products, tools and drivers has been copied, Kumar said. One of the exposed folders appears to contain delivery reports on various HP products. Another contains various news media files and newsletter items, he said.
The alleged attack on HP lengthens the growing list of organizations that have been recently hacked in similar fashion. Other recent victims include:
In some cases, such as the attacks on RSA, Lockheed and Oakridge, the motive appears to be espionage and IP theft. But most of the other recent attacks appear aimed at embarrassing organizations.
In some cases, the attacks have followed recent news events.
The attacks on the IMF for instance, came just weeks after ex-IMF chief Dominique Strauss-Kahn was arrested on sexual abuse charges. The HP attacks come just days after the company announced an executive realignment.
What has been especially discomfiting for many of the victims is the fact that the breaks-in often have resulted from embarrassingly low-tech methods that showed fundamental security lapses.

No comments: