Microsoft DNS Hijacked by Spammers

[exfileme]

Two Microsoft addresses were used to push pills for a fake online pharmacy.

Microsoft DNS Hijacked by Spammers : Read more

 

[dameon51]

Too bad it wasn't actually MS. I've been waiting for Windows branded Viagra for sometime now.

 

[kresso]

The attack began twenty-four hours after he published a criminal online service that sold stolen credit card numbers for less than $2 each.

Well serves him right for selling our credit card numbers

 

[Yuka]

Microsoft added that the hacked network devices run a Linux kernel. "We are taking steps to better ensure that testing lab hardware devices that are Internet accessible are configured with proper security controls," Microsoft said.

So... MS engineers/technicians can't configure a Linux machine? That explains a few things security wise.

Cheers!

 

[2real]

[citation][nom]Yuka[/nom]So... MS engineers/technicians can't configure a Linux machine? That explains a few things security wise.Cheers![/citation]
or that linux isn't as secure as you think

 

[cscott_it]

[citation][nom]Yuka[/nom]So... MS engineers/technicians can't configure a Linux machine? That explains a few things security wise.Cheers![/citation]

Ignorance is bliss eh Yuka?
Linux can't get viruses and they've never existed on Linux. EVER.
I mean, it's not like every Fedora Core system has had gaping exploits. Right?

That aside, it's what happens when you allow your lab environment to be exposed to the internet. Seems like a poor deciscion.

 

[saymi]

"the hacked network devices run a Linux kernel?" İnteresting

 

[Guest]

HaHa! They use Linux for DNS lmao!!! And they top it off by admitting it was "HUMAN ERROR"..... ;-D

 

[cscott_it]

To make sure there is no misunderstanding, Linux is secure.
It's not being probed like Windows, but there have been plenty of security holes in it since it's inception.

In addition, don't forget about cross platform security issues (web) in addition to user error (users running their machine as root, rather than using elevated privelages for certain tasks).

Like a Red Hat / Fedora Core that was susceptible to what is the Linux verison of a null user session style attack.

 

[randomizer]

Whether they were running GNU/Linux, Windows or OS/2 is irrelevant and it is quite likely that they threw that comment in there to divert attention from where it should be: the systems administrator(s). Any computer that acts as a server online is vulnerable to attack if it is not properly configured.

 

[Yuka]

[citation][nom]cscott_it[/nom]Ignorance is bliss eh Yuka?Linux can't get viruses and they've never existed on Linux. EVER.I mean, it's not like every Fedora Core system has had gaping exploits. Right?That aside, it's what happens when you allow your lab environment to be exposed to the internet. Seems like a poor deciscion.[/citation]

I've heard that not knowing how to read is Godly.

Cheers!

 

[the_krasno]

So we have fake drugs, child porn and identity theft and these guys are more well known for spamming? What has the world come to?
More importantly, being so serious crimes why haven't they been stopped if authorities can track them through the spam?

 

[Vladislaus]

[citation][nom]2real[/nom]or that linux isn't as secure as you think[/citation]
Linux/Unix is the most widely used OS system on servers. Even though their popularity on servers they are still the OS with less security holes. Of course this doesn't mean that it's 100% secure.

 

[eddieroolz]

Looks like someone is getting fired over this.

 

[shoshu]

hey Microsoft is using LINUX, so much for the "better" Windows haha
they just proved themselves LINUX is better than WINDOWS , period!!

 

[dillyflump]

My inbox was forever getting non stop spam from these fake drug websites, they use numerous names inc the likes of canadian pharmacy, ukpharmacy online ect ect... not suprisingly the emails were all through hotmail.com domains. It's so bad infact i've actually banned all hotmail.com and hotmail.co.uk addresses in my mail client.

 

[f-14]

[citation][nom]2real[/nom]or that linux isn't as secure as you think[/citation]
OR linux is only as secure as the microsoft engineers operating it! if i worked for microsoft and as an engineer and i was trying to tow the line for my brand i'd f' linux up too. but i am a perfectionist therefore i can not be a microsoft engineer as i wouldn't do a hack job in designing any system! oh and i'd still be working on making the kernel work with everything in happy harmony in a contiunious battle never finishing my project as nothing ever stop changing in life.

i do not know if brian krebs is trying to pull a fast one to gain publicity for his blog, but the way this is written i think kevin parrish has something against security blogger Brian Krebs who said that one of the compromised Microsoft computers was also used to launch a denial of service attack on his website twenty-four hours after he published a criminal online service that sold stolen credit card numbers for less than $2 each.

what say you Kev? say it isn't so! botched a copy and paste job didn't you? heh heh it happens to all of us eventually

 

[hellwig]

The attack began twenty-four hours after he published a criminal online service that sold stolen credit card numbers for less than $2 each.

I'm guessing you left out something, maybe he published a REPORT on the criminal online service?

Still, if these DNS servers are in a Microsoft Lab, why is anyone using them? Seriously, who (either individual or ISP) would route there data through the first IP that responded to DNS traffic? I mean, I could setup a DNS server that directed EVERY website to tomshardware, but if no one configured their computer to use it, there wouldn't be any problem. I wanna know who's using these servers.

 

[Guest]

haha, microsoft isnt using windows server edition. shows how much faith they have in the home brand

 

[Shadow703793]

[citation][nom]cscott_it[/nom]Ignorance is bliss eh Yuka?Linux can't get viruses and they've never existed on Linux. EVER.I mean, it's not like every Fedora Core system has had gaping exploits. Right?That aside, it's what happens when you allow your lab environment to be exposed to the internet. Seems like a poor deciscion.[/citation]
Exactly. No OS is secure as long as it's connected to the Net. Even if it's not connected to the net, it's still not secure. There are things you can do to minimize security risks and that's all you can do.