Attached Link: http://www.mec4d.com/media/

They do it because they can.

It's like a game, and they get points for every site they can deface. Seriously.

I'd bet you almost any amount of money that they came from Brazil, too. We've had so many attempted break-ins on our server from Brazil that we finally had to block pretty much the whole country. :-(

It's not you. They don't know you, don't care about you, don't care what your site is about or anything else. They just search for servers with vulnerabilities they can exploit, and they do and then get the "points" in their sick little game.

bonni

Message edited on: 08/17/2005 01:02

They are a P.I.T.A I had 5 index.html files overwritten the other day with some slogan - just wish these script kiddies would get a life.....

If there's anything I really hate from the bottom of my heard it's those hackers and virus-and-such-crap-makers.Why can't they get a real hobby? I hope you can fix the problem soon.

Brasil has 160 million inhabitants, the ISP provider that I use have one million ADSL users from only one city!.......

Message edited on: 08/17/2005 03:50

Inform your local authorities about this attack. Its falls under Cyber Terroism. Provide any logfiles you have (e.g. IP adresses of attacker, attack time) to the authorities. They will find and punish them. Its illegal in every country around the world. Its the same as someone breach into your house and vandalise them. More importent if you have a online shop and its hinder you to gain profit you could charge the attacker for the lost money. In which country do you life cath? I might can provide you help.

I agree with ethan. I had some hackers from Brazil hack into my server, put illeagal software on it and they were actually selling it from my server. Luckily my systems guy was very smart, found it and blocked them out. I was contacted by someone who had been tracking them and they were able to trace them from the trail they left on my server and put them out of business. These hackers are very good at putting the illegal stuff in folders you don't think to look in. cheerio lululee

Cath, repair your firewall, change passwords to more secure ones, and make some effort to learn the IP address of the hacker. These script kiddies will often use password dictionaries to aid in determining yours. If this is the case, it indicates your passwords are similar to, or identical to, some well-known entries in these dictionaries.

I am so sorry to hear that!!And this really scares me as well. I hope they didn't cause too much troubles and that you can secure your site. And you are right, some people are just mean bad! I feel sorry for you. Hugs my friend! --Nef

Thanks for the info guys! they don't got that much access to the server because Store is fine and only the media room where the indexes was on 777 recommended by the script maker, so from now i go to 644 and don't listen to the script no matter what... somebody was on the same time log in as me while I updated the Media Room so i covered his IP with my own.. so I can't locate anybody but you know they can hide one IP and replace them with any other they wish so it will not help you always.. I go to fix all things and Mychelle my dear , backups, backups, backups... and replace your all passwords after anything like this....... You know, I understand when my company name was Microsoft but doing this way it is really the last thing you are waiting for... my Mec4D server is in the USA California and I got peace for some time but after short period after I reopened my store again many strange things happen again so I guess somebody know what they do... it is not just a joke from Brazil. back to .php Cath

Sorry to hear of your problems Cath. We got hacked over at PlanIt 3D a while back and I ended up fixing it at 4:30 in the morning. It was only blind luck I was still logged in to the site at that hour, so it didn't cause much disruption.

This is from an article published in 2004...

Brazil has become the global capital for computer hacking and internet fraud, according to experts meeting in the country's capital, Brasilia.

Some 500 experts from around the world are attending the first international conference to combat electronic crime.

Brazil is home to eight out of 10 of the world's hackers, according to federal police at the conference.

Within Brazil, the amount of money lost in internet financial fraud outstrips that lost through bank robberies.

Roughly two-thirds of the internet's child pornography pages are also said to originate in the country.

These statistics are supported by security experts from other countries who say some 96,000 hacking attacks were launched from Brazil last year - six times more than any other country.

Intellectual challenge

Many of the hackers work in groups with names like Breaking Your Security or Virtual Hell.

The explosion in hacking is blamed, in part, on weak legislation.

Hacking itself is not a crime in Brazil so police have to prove fraud has taken place in order to prosecute.

Brazilian hackers often do not consider themselves criminals, saying they break into sites for the intellectual challenge rather than to steal.

Last year, websites in the US were the target of the huge majority of hacking attacks.

• Source= http://news.bbc.co.uk/2/hi/americas/3657170.stm

Inform your local authorities about this attack. Its falls under Cyber Terroism. Provide any logfiles you have (e.g. IP adresses of attacker, attack time) to the authorities. They will find and punish them. HAHAHAHAHAHAHAAAAHHHHH!!!!!!!!!!!!!!!!!!!! Wow, I needed a good laugh this morning! bonni

"These statistics are supported by security experts from other countries who say some 96,000 hacking attacks were launched from Brazil last year - six times more than any other country."

With exception of Russia and the U.S. tell how much population the other countries have?
The amount of hackers is proportional to the population and internet users.
Another fact is that people that deals with internet in Brasil are more skilled compared to other countries and is very big the number of programmers.
The hackers are not a problem, they are inofensive, the problem are very well organised and skilled criminals that rob from bank accounts and of course, the complete lack of security of Microsoft products.

Message edited on: 08/17/2005 18:56

"The hackers are not a problem, they are inofensive" Trust me, at 4:30 in the f*cking morning having to tear out all the stuff the script kiddies had plastered over our site I found them VERY offensive!

More pissed off you are more happier the kids are, that's the game, but the only harm that they do is to your pride. When I was a student at the University there was a challenge to change the add operation of the computer to add plus one, nobody could do it, the computers were not running Windows!

Brasil has 160 million inhabitants, the ISP provider that I use have one million ADSL users from only one city!....... Oh, I don't think that all Brazilians are hackers. :) Only that when we DO get an intrusion, we notify the ISP (along with log entries) and then, if we don't hear back from them, we block them. So far we've ended up blocking most of Brazil and a couple of ISPs in Hungary (and at least one U.S. site). bonni

the only harm that they do is to your pride Bullshit. Last time they got into my server they fucked up a SHITLOAD of stuff, used one of my domains to set up a warez distribution URL (they got into the name service), and they broke my mail server. Don't tell me they don't do damage. These people are fucking vermin. bonni

"Oh, I don't think that all Brazilians are hackers." Let talk only about the one million users that I know, I have no data about the other ISP providers or modem users, of course that must be several millions. Let suppose that 0.1% of internet users are hackers, the result is 1,000 hackers ready to attack you! " :) Only that when we DO get an intrusion, we notify the ISP (along with log entries) and then, if we don't hear back from them, we block them. So far we've ended up blocking most of Brazil and a couple of ISPs in Hungary (and at least one U.S. site)." One million users from only one ISP provider, if you look at the number of IPs reserved to this provider you will find that the number of possible combinations is below one million, this means that one IP is shared by many users, so you are blocking a lot of people without any reason and this is not good is you are running a business, for the hacker there is no problem, he always can find a way to reach you.

so you are blocking a lot of people without any reason and this is not good is you are running a business How about this: I've never in my entire professional life had any legitimate business from Brazil. Frankly, I care a lot more about keeping my mail server from being mangled and my domains from being used to point to warez distribution sites than I do about the potential loss of business. bonni

"I've never in my entire professional life had any legitimate business from Brazil." In days of globalization you never know from where your money comes

Well, to those thousands of Brazilians who are desperate to get me to design them a website or make them a digital illustration, I apologize. ;-) bonni

And just to note, according to netcraft, her site is running Linux NOT Windows, and has been since at least January. BTW, her's is the 1,895,766th most visited site (Google is Number 1). Most websevers aren't running Windows so blaming the problem on criminals and Windows is a little much. Renderosity: Apache/2.0.40 Red Hat Linux - 210,524th most visited site. Renderotica: Apache/1.3.29 Unix PHP/4.3.4 mod_ssl/2.8.16 OpenSSL/0.9.7c - 1,124,636th most visited site Whitehouse.gov: Solaris 8 - 319,935th most visited Penthouse.com: Apache/1.3.33 Darwin prxp_module/1.8.8 PHP/4.3.11 - 177,263th most visited Sorry, got carried away :-)

When I was a student at the University there was a challenge to change the add operation of the computer to add plus one, nobody could do it, the computers were not running Windows!

As above - my server certainly aint Windows..... Message edited on: 08/18/2005 03:18

A site can only be attacked if the software that is using allows the attack. You can divide the software of a site in two parts: - The operational system - Your software Using Windows as operational system is a nightmare, because is unsecure and full of doors opened for hackers access. You never will be able to have a secure Windows applying all the released Microsoft patches, the only way to have a secure Windows is to edit Windows turning it into a non coventional and particular Windows and is possible to do it. If you are using Linux or BSD as operational system solves the first part of the security problem remaining the second part, your software. A secure operational system doesn't make miracles, it is unable to protect you if your software is unsecure. If your software is unsecure and you are attacked the only difference between running a secure operational system will be: - Secure operational system Your site will be attacked or hacked, but the attack remain limited only to you. - Unsecure operational system Your site will be attacked or hacked and the attack can be propagated to other users of the same unsecure operational system. The other combinations are if your sofware is secure: - Unsecure operational system You can be attacked because the attack comes through the operational system and not your software. - Secure operational system You never will be attacked. A simple question: Have ever the Renderosity site been attacked or hacked??? I never knew that this happened, only MySQL has gone away and nothing more! What does it means? Renderosity is running a secure operational system (Linux) and the site software (Bondware) is secure.

The only way to have a secure computer is not to connect it to anything else. And keep it in a locked room.

" The only way to have a secure computer is not to connect it to anything else."
Well my work computer has no internet conection, no network, no modem. The other computer I use only for internet, but I don't use firewalls, no active antivirus, download tons of stuff, use P2P and never get a virus.
Time to time I have to clean the spies with ad-aware only after the few times that I use IE.
In other words I don't care about security because I have a secure system and know very well what I am doing.

Message edited on: 08/18/2005 04:39

Message edited on: 08/18/2005 04:40

The story starts with an idiot insulting everyone on an IRC channel. Most people there believed it was rather funny, but it got even more funny. For information: The dangerous hacker is called bitchchecker. 127.0.0.1 is always the IP-adress of the computer you're currently using, any request there will return to your computer. Quote: * bitchchecker (~java@euirc-a97f9137.dip.t-dialin.net) Quit (Ping timeout#) * bitchchecker (~java@euirc-61a2169c.dip.t-dialin.net) has joined #stopHipHop why do you kick me can't you discus normally answer! we didn't kick you you had a ping timeout: * bitchchecker (~java@euirc-a97f9137.dip.t-dialin.net) Quit (Ping timeout#) what ping man the timing of my pc is right i even have dst you banned me amit it you son of a bitch <HopperHunter|afk> LOL <HopperHunter|afk> shit you're stupid, DST^^ shut your mouth WE HAVE DST! for two weaks already when you start your pc there is a message from windows that DST is applied. You're a real computer expert shut up i hack you ok, i'm quiet, hope you don't show us how good a hacker you are ^^ tell me your network number man then you're dead Eh, it's 129.0.0.1 or maybe 127.0.0.1 yes exactly that's it: 127.0.0.1 I'm waiting for you great attack in five minutes your hard drive is deleted Now I'm frightened shut up you'll be gone i have a program where i enter your ip and you're dead say goodbye to whom? to you man buy buy I'm shivering thinking about such great Hack0rs like you * bitchchecker (~java@euirc-61a2169c.dip.t-dialin.net) Quit (Ping timeout#) What happened is clear: That guy entered his own IP-Adress in his mighty Hack-Tool and crashed his own PC. This way, the attack on my PC was a failure. I was already starting to think that I did not have to worry, but a good hacker never calls it a day. Two minutes later he returned. Quote: * bitchchecker (~java@euirc-b5cd558e.dip.t-dialin.net) has joined #stopHipHop dude be happy my pc crashed otherwise you'd be gone lol bitchchecker: Then try hacking me again... I still have the same IP: 127.0.0.1 you're so stupid man say buy buy ah, [Please control your cussing] off buy buy elch * bitchchecker (~java@euirc-b5cd558e.dip.t-dialin.net) Quit (Ping timeout#) There was a tension in the room... Would he manage, after these two failures, to crash my PC? I waited. Nothing happened. I felt relieve... Six minutes passed by until he prepared the next wave of attack. Being a Hacker, who usually cracks whole data centers, he knew what his problem was now. Quote: * bitchchecker (~java@euirc-9ff3c180.dip.t-dialin.net) has joined #stopHipHop elch you son of a bitch bitchchecker how old are you? What's up bitchchecker? you have a frie wal fire wall maybe, i don't know i'm 26 such behaviour with 26? how did you find out that I have a firewall? tststs this is not very nice missy because your gay fire wall directed my turn off signal back to me be a man turn that shit off cool, didn't know this was possible. thn my virus destroys your pc man are you hacking yourselves? yes bitchchecker is trying to hack me he bitchchecker if you're a hacker you have to get around a firewall even i can do that yes man i hack the elch but the sucker has a fire wall the what firewall do you have? like a girl firewall is normal a normal hacker has to be able to get past it...you girl^^ Bitch give yourself a jackson and chill you're letting them provoce you and give those little girls new material all the time turn the firewall off then i send you a virus [Please control your cussing]er Noo he bitchchecker why turn it off, you should turn it off you're afraid i don't wanna hack like this if he hides like a girl behind a fire wall elch turn off your shit wall! i wanted to say something about this, do you know the definition of hacking??? if he turns of the firewall that's an invitation and that has nothing to do with hacking shut up lol my grandma surfs with fire wall and you suckers think you're cool and don't dare going into the internet without a fire wall He calls me girly and says only his grandma would use a firewall. I know that elder people are much more intelligent then younger, but I couldn't let that rest. To see whether he really is a good hacker I lie and let everything as it is. I don't have a firewall at all, only my router. Quote: bitchchecker, a collegue showed me how to turn the firewall off. Now you can try again bitchhacker can't hack <Black> nice play on words ^^ wort man bitchchecker: I'm still waiting for your attack! how many times again he is no hacker man do you want a virus tell me your ip and it deletes your hard drive lol ne give it up i'm a hacker myself and i know how hackers behave and i can tell you 100.00% you're no hacker..^^ 127.0.0.1 it's easy lolololol you so stupid man you'll be gone and are the first files being deleted mom... i'll take a look In panic I started the Windows Explorer, my heart beating faster. Had I under-estimated him? Quote: don't need to rescue you can't son of a bitch that's bad elch you idiout your hard drive g: is deleted yes, there's nothing i can do about it and in 20 seconds f: is gone Yes, true, G: and F: were gone. Did I ever have them? Doesn't matter, I did not have time to think, I was scared. bitchchecker was comforting me with a music tip. Quote: tupac rules elch you son of a bitch your f: is gone and e: too Drive E Oh my god... All the games are there! And the vacation pictures! I instantly take a look. Everything still there. But the hacker said it was deleted.... Or isn't it happening on my computer? Quote: and d: is at 45% you idiot lolololol why doesn't meta say anything he's probably rolling on the floor laughing <Black> ^^ your d: is gone go on BITCH The guy is good: My CD-drive is allegedly deleted! Bitchchecker turned my ancient disk sucker into a burner! But how did he do this? I'll have to ask him. Some encourage him. He himself is giving advice how to avoid the disaster on my hard drives. Quote: elch man you're so stupid never give your ip on the internet i'm already at c: 30 percent Should I tell him he's not attacking my computer? Quote: * bitchchecker (~java@euirc-9ff3c180.dip.t-dialin.net) Quit (Ping timeout#) Too late... It's 20:22 when we get the last message of our hacker with the alias "bitchchecker". We see that he has a "Ping timeout". We haven't seen him since then... must be the Daylight Saving Time.

There are people who would have paid money to be watching that happen... There are people who are going to be wondering if it ever really happened. Real or fake, it's the stuff of legend -- the hacker who crashed the machine at 127.0.0.1

LOL

"There are people who would have paid money to be watching that happen..." Me included. ~lmao~

In days of globalization you never know from where your money comes Lol. You never know who's stealing it, either. Why are you defending Brazilian hackers, and Brazil's cyber-crime problem?

Who is defending whom?????? Remember that data of millions of credit card users were stolen in the U.S., so where's the cyber-crime problem?????

Kawecki, just go back and read your posts and the attitude that comes across is very defensive of the Brazillian Hackers. If that's not the attitude you meant to convey to us, maybe you should try changing your writing style a tad bit. I had the complete feeling from your writings that you were kinda proud of the hackers actually! If that's not the case, all I can say is it's your writing style. You come across sounding very much like the hacker in that little story I posted.

Who needs to read again is you!
What I am saying is that Brasil has a large population that can be compared to the US and Russia and the number of internet users is increasing every day, the number of hackers is proportional to the number of internet users, so the country number 1 in hackers is the U.S. and the number 2 probably is Brasil or Russia.

Message edited on: 08/19/2005 01:18

I'm not the one writing arrogant and abrasive posts Kawecki.

?????

The population of Brazil is around 60% of the USA's population, yet they still managed to launch six times as many hacking attacks than any other country in 2003/2004.
Unfortunately I can't locate any more recent data on the number of internet users in each country, but in 2002 there were 159 million in the US as against 14.3 million in Brazil and even back in 2002 Brazilian hackers were quoted as "the most prolific in the world" and it was estimated that "Brazilian hacking in 2002 has cost billions of Dollars in G-8 countries alone."

If you Google brazil+hackers there are countless articles to be found, and some of them make very interesting reading. Quote sources = http://www.xatrix.org/article.php?s=2291 http://news.bbc.co.uk/1/hi/technology/2210186.stm

And Russia where fit????

That rather depends whether you mean the new Russia, or the Old Soviet union as a whole, but it does state in the second source link I've published..."Brazilian hackers are now the most prolific in the world, taking over from Eastern European groups which dominated cyber-attacks in the 1990s, according to security firm mi2g." More worrying still is the statistic that "About two-thirds of the internet's child pornography pages are also said to originate in Brazil."

" That rather depends whether you mean the new Russia, or the Old Soviet union as a whole" The URSS don't exist anymore and had no internet! "More worrying still is the statistic that "About two-thirds of the internet's child pornography pages are also said to originate in Brazil."" I cannot answer you because I don't visit child pornographic sites, so I don't know if is true or lie. One more thing about Brasil, maybe can explain something: There is a great increase in the use of Linux and many measures taken to adopt Linux as the official OS to be used in any govermental institution, what of course, is very bad for Micro$oft!.......

Errr, it wasn't actually a question, merely a statement of informed expert opinion. I would hope that noboby here actually visits that type of site, but we're all too aware of their existance. I don't think that any of this has much to do with Microshaft as Apache has a hugely superior market share. Here are the figures as of August 2005 Apache 69.60% Microsoft 20.53% Sun 2.73% Zeus 0.90% The only thing I can see that might (and I stress might here) happen by adopting Linux as a national OS is that the hackers would concentrate more on learning to hack web servers on that particular platform.

Message edited on: 08/20/2005 10:29

Some information for clearing the situation

1. In Brasil is illegal real sex with children
2. Most of the ISP providers are international companies, mine is a Spanish one.
3. No ISP provider, local or international, have any interest to be involved with any illegal activity.
4. Anyone involved in illegal activities cannot be located, because is behind firewalls, redirectors or hacks your site, without you knowing it, for distribution of illegal material, when your site is discovered and shut down, he hacks another site and continue the distribution.
5. Microsoft sites are much easier to be hacked than the others.
6. The Linux use is increasing among professional/official use, but the common and most people use IE, FrontPage and Microsoft servers. Mac users almost don't exist.

Message edited on: 08/20/2005 11:37

1. The fact that it's illegal doesn't stop it. 2) The key word is "originate" here. They "originate" from Brazil, no matter who owns the comapny that's carrying them. 3) No one is suggesting that ISPs are complicit in the dissemination of child porn, but they are (obviously) allowing their servers to be used without checking on the content. 4) People can be located, no matter how safe they think they are. All it takes is time, effort, and resources. The technology is already in place as has been proven by the number of arrests and prosecutions over the last couple of years. Internet forensics is coming on in leaps and bounds. What the situation lacks is responsibility from the ISPs. 5)No argument there, but as I've said the majority of internet servers run on UNIX/Linux. 6)I think you're confusing products here; IE is a browser, and is subject to completely different exploits. You can hack someone's personal or business computer via security holes in IE, but not a website which is what we're discussing. FrontPage is a program for producing code for a website front end, and is not connected to the net. As for Microsoft server technology this goes back to your 5th point...you can see from the figures I presented that it holds only aaround a 20% share of the market so no, most people don't use it.

"2) The key word is "originate" here. They "originate" from Brazil, no matter who owns the comapny that's carrying them."
How do you know? There were many credit card frauds when the IP was from Russia, but they really originate from the U.S.
You can fake any IP

"3) No one is suggesting that ISPs are complicit in the dissemination of child porn, but they are (obviously) allowing their servers to be used without checking on the content."
As I know most of the illegal tubers use Yahoo and MSN for sharing their illegal tubes, does it mean that neither Yahoo neither Microsoft care about piracy???

"4) People can be located, no matter how safe they think they are. All it takes is time, effort, and resources. The technology is already in place as has been proven by the number of arrests and prosecutions over the last couple of years. Internet forensics is coming on in leaps and bounds. What the situation lacks is responsibility from the ISPs."

Do you believe this???
Why the RIAA is unable to do something with P2P?

"5)No argument there, but as I've said the majority of internet servers run on UNIX/Linux."
Not in Brasil.

Message edited on: 08/20/2005 13:54

"Do you believe this??? Why the RIAA is unable to do something with P2P?" no, they can trace the IP's and have them on file. they don't have juristiction or groups with juristion in all the countries of the world. (small correction)

In case you haven't noticed, RIAA HAS done things to P2P owners that were in countries that had laws that could be used in prosecuting them! Can you say "Napster"? I thought so! As for "Faking" IP's, it's done by using redirects and every redirect that you use, leaves a trace somewhere. It's the nature of the system we use. Just because you can forge an IP and fool someone who doesn't know how things works, does NOT mean you've fooled the architects and engineers who've created the system you're using. Faked IP's can and are traced back by those who know how. I have not figured out yet whether you're just defending your country or trying to defend hackers, but you're sadly not going to win either arguement with lame statements like "You can fake any IP".

" "Do you believe this???
Why the RIAA is unable to do something with P2P?"

no, they can trace the IP's and have them on file. they don't have juristiction or groups with juristion in all the countries of the world."

I am speaking about the RIAA in the U.S., RIAA has only importance in the U.S.
In many countries file sharing is legal (i.e. Canada)

"Can you say "Napster"
Napster is an old story with an old technology. Napster was a site and all was centralised in it, but it took many years to find legal arguments and to be shut down.
The evolution and changes in technology are very fast today, when a new law arrives is obsolete and applies to an obsolete technology.

I am defending nobody, what make me sick is instead of making internet secure they are finding excuses, justifications, stupid laws and throwing the guilt on someone, meantime the computers are flooded with virus, spam, popups and spies.
Hackers are neither genius neither have an IQ of 500 as the current myth, in most cases are very stupid.
They hack because it is very easy to do it, requires no intelligence, in many cases requires only stupidity, and have no other thing to do in their lives.
NOTE: I am referring to the word "hacker" with the meaning that has in the U.S.

Message edited on: 08/20/2005 15:24

Well that's true enough. You have to look at it this way though, the internet as we know it now is still based on 20+ year old technologies and code. To make it more secure they really need to design something new from the ground up. Problems with that though are compatibility issues and money. So here we are today putting bandaids on 20 year old wounds and complaining that they aren't stopping the blood flow. We both agree, Hackers are stupid. I guess our differences are our understandings of english phraseology. Sometimes it sounds to me when I read your writings that you were taking sides that you weren't meaning to. In anycase, it all breaks down to Cath's original statement in posting. Some people are just pigs. ;) Hackers and script kiddies piss us off, break our website toys and make us unhappy. I think we can all agree with that.

correcting another misconception : "In many countries file sharing is legal (i.e. Canada)" sharing MP3's is legal in Canada. sharing software / movies etc is NOT legal in canada.

Sorry, I was thinking only about music(MP3).