14 DAY TRIAL // A group of hackers calling themselves Ninja have compromised several websites, including the carders.cc underground marketplace, the exploit-db.com tracker, the free-hack.com community, the ettercap project, the BackTrack Linux distribution and a milw0rm clone run by a crew known as Inj3ct0r.
The compromises were disclosed in the second edition of the "Owned and Exposed" hacking ezine (online magazine). The first issue was released back in May and covered the first compromise of carders.cc.
"We owned carders.cc (AGAIN) because they are unable to learn from their mistakes and keep spreading garbage around the underground," the Ninja hackers write.
The carders.cc forum is a marketplace for stolen credit card details and personal information. People there also deal in equipment used to create counterfeit cards.
The site currently displays a message informing members that the forum will be brought back online after the holidays. The admins note that no server is 100% secure.
The Inj3ct0r crew was targeted because they are considered just a bunch of script kiddies (hackers unable to write their own attack code), who cloned the defunct milw0rm exploits database.
"We owned inj3ct0r because they are lameass wannabe milw0rm kids whose sole purpose in life is to disclose XSS 0dayz in Joomla," the Ninjas say in their ezine.
The third target, free-hack.com, is a German hacking community where people discuss attacks methods and exchange special tools.
It doesn't appear to be involved in any fraud activities but according to the ezine, "they are developing into one of the largest, most arrogant script-kiddie breeding grounds on the intertubez."
A message displayed on free-hack.com at the moment notes that the future of the six-year-old website is uncertain. A decision as to whether to restore it or not has yet to be taken.
The exploit-db.com tracker and the BackTrack Linux distribution, two other Ninja targets, are maintained by a group of security professionals called Offensive Security, which ironically offer security training and certifications.
The ninjas claim that through exploit-db Offensive Security "leeches off" the real hacking scene and profits from its creations. "They all want fame so badly that they do anything and everything in order to be part of the security industry," the group writes.
The exploit-db admins acknowledged the compromise and even decided to host the ezine on their website. "There’s nothing like having your butt kicked Christmas morning, which is exactly what happened to us today. We were owned and exposed, in true fashion," they write.
"We are currently cleaning out our systems and analyzing the attacks – thankfully, the compromise was limited to non root access, and other than our egos, the damage is not severe," they add.
Finally, the Ninja hackers suggest that ettercap, a popular penetration testing tool, has been backdoored for the past five years. They also claim that its website was compromised via a flaw on Sourceforge, a large repository of open source projects.
"Some good advice to all other people/projects who are using Sourceforge: Move. There are enough good alternatives," the hackers conclude.