14 DAY TRIAL // The public mailing list of Kali Linux, the penetration testing distribution developed by Offensive Security, has been hacked by Libyan hackers of The GreaT TeAm.
According to Kali Linux representatives, the targeted domain, lists.kali.org, is an inactive third-party mailing list.
“Looks like our inactive, 3rd party, 0 volume mailing list was hacked. DNS entry removed - back to sleep, problem solved,” they wrote on Twitter after shutting down the subdomain.
A mirror of the Kali Linux mailing list defacement is available on zone-h.org.
The hackers have confirmed for The Hacker News that the subdomain is hosted by Mailman List. The service provides hosting for email discussion lists on its Mailman list servers.
The attackers claim to have leveraged the Heartbleed bug and other vulnerabilities to gain access to the administrator credentials for the Kali account.
Last week, hackers of The GreaT TeAm managed to breach and deface a section of the website of Egypt’s Ministry of Information. It took the site’s administrators more than 24 hours to remove the defacement page.
The GreaT TeAm, also known as the Libyan Cyber Army, was founded in 2009. The group focuses on attacking websites in the US, the UK and Israel. While some of their attacks are politically motivated, they also carry out cyberattacks just “for fun.”
Looks like our inactive, 3rd party, 0 volume mailing list was hacked. DNS entry removed - back to sleep, problem solved.
— muts (@kalilinux) April 30, 2014