Tuesday, June 9, 2009
Astalavista Part 2
Seems that the tragedy continues,
He was also part of Astalavista ( RIP ) staff. Looks like everyone involved in that cult is a security expert.
infosec.org.uk - PWNED
and some others websites owned by Astalavista Staff has been hacked and all user details have been exposed.
Take a look at this new full disclosure
Response From Astalavista Staff: <- so LOL
I am going to report back what exactly happened. It was not a real hack but an exposure of my plaintext password on Astalavista Defacement.
Through that they logged in to my gmail account where I keep lot of passwords as it is a private email account and they get access to the server.
Including crownvip and root password!
They were logged in on the server yesterday as crownvip username from a korean ip which after I port scan seems to be a proxy. I did not give too much attention on that but this account password is on my gmail account and its 8 numeric letters only. I do not believe that they bruteforce sshd to get this account as I have installed BFD (Brute Force Detection) on the server while I was hardened him.
Everything is recovered back and we are working to bring the server live while we upload the delete backups back to the server.
Backups already recovered