Archive for February 2014

EC Council website that certifies ethical hackers has been hacked


As of Saturday, February 22, 2014 at 8:00pm EST, it seems like the main website operated by EC-Council has been
hacked.  On the site is an image of Edward Snowden’s passport and text stating, “owned by certified unethical software security professional -Eugene Belford”.  Eugene Belford, is a character from the movie “Hackers”.
Edward Snowden, the man who turned whistle-blower against the National Security Agency (NSA) and revealed its
 global spying program, was trained by EC-Council as a Certified Ethical Hacker (CEH).
The hack maybe a DNS hijacking attack,  the information below kind of point that way:
Server:            75.75.75.75
Address:         75.75.75.75#53
Non-authoritative answer:
Name: eccouncil.org
Address: 93.174.95.82



As of Feb. 23, it seems as though EC-Council has not gained control of their website.  An update was posted on the
 EC-Council site stating:
“owned by certified unethical software security professional
Obligatory link: http://attrition.org/errata/charlatan/ec-council/ -Eugene Belford
P.S It seems like lots of you are missing the point here, I’m sitting on thousands of passports belonging to LE (and .mil) officials”



The company that is most famous for its Certified Ethical Hacker(CEH) certification has been hacked by a hacker who claims to be a 'certified unethical software security professional' going by the alias Eugene Belford. EC Council is the world's leading provider of certifications and training in the information security domain led and co-founded by Indian born Jay Bavisi.
The hacker left the EC-Council website with the Passport of Edward Snowden. According to the New York Times, NSA whistleblower Edward Snowden took a course and received a certification from EC-Council as a "Certified Ethical Hacker," his application for the same is uploaded on the website as well. Interestingly, according to Delhi-based Koenig training institute, Snowden attended a six-day "security analyst and ethical hacker" course there which would prepare Snowden for another EC-Council course EC Council Certified Security Analyst (ECSA).
The hack was confirmed by many security researchers from all over the world in a matter of minutes including Kevin Mitnick, world's most wanted computer hacker turned security consultant who tweeted “EC Council hacked? Snowden's passport page was on their website”. Ian Fagan, a security researcher from New Jersey pointed out that the alias is from a popular movie called Hackers, “Eugene Belford aka ThePlauge from HACKERS the movie!” he tweeted
According to Virus Total, ”The IP address that is controlling the attack was used earlier this month in an attack on a Flash-based game called Realm of the Mad God.” The exact amount of damage caused by the attacker is yet unknown but when we look at the source code of the page we know the attacker uploaded the two pictures directly on to the EC-Council web server which means that the website is definitely compromised.
DNA attempted to contact EC-Council but there was no response.

http://www.cyberwarzone.com/ec-council-website-hacked



Monday, February 24, 2014
Tag :

Pageviews

Followers

Powered by Blogger.

- Copyright © 2013 Selva Sharing -Selvasharing- Powered by Blogger - Designed by @ Access -