Security News > 2008 > October > Report: Russian Hacker Forums Fueled Georgia Cyber Attacks
http://voices.washingtonpost.com/securityfix/2008/10/report_russian_hacker_forums_f.html By Brian Krebs Security Fix The Washington Post October 16, 2008 An exhaustive inquiry into August's cyber attacks on the former Soviet bloc nation of Georgia finds no smoking gun in the hands of the Russian government. But experts say evidence suggests that Russian officials did little to discourage the online assault, which was coordinated through a Russian online forum that appeared to have been prepped with target lists and details about Georgian Web site vulnerabilities well before the two countries engaged in a brief but deadly ground, sea and air war. The findings come from an open source investigation launched by Project Grey Goose, a volunteer effort by more than 100 security experts from tech giants like Microsoft and Oracle, as well as former members of the Defense Intelligence Agency, Lexis-Nexis, the Department of Homeland Security and defense contractor SAIC, among others. The group began its inquiry shortly after the cyber war disabled a large number of Georgia government Web sites. Starting with the Russian hacker forum Xaker.ru (hacker.ru), investigators found a posting encouraging would-be cyber militia members to enlist at a private, password-protected online forum called StopGeorgia.ru. Grey Goose principal investigator Jeff Carr said the administrators of the hacker forum were keenly aware that American cyber sleuths were poking around: Within hours after discovering the link to the StopGeorgia site, Xaker.ru administrators deleted the link and banned all access from U.S.-based Internet addresses. [...] __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/
News URL
http://voices.washingtonpost.com/securityfix/2008/10/report_russian_hacker_forums_f.html
Related news
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers use RDP proxies to steal data in MiTM attacks (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia (source)