Hacker explains reason behind Reliance attack, provides a fix
| by Aaron Almeida |
At the beginning of the month, the Internet community was in uproar over the move to block file hosting sites, like The Pirate Bay and even video sharing website, Vimeo. It is widely believed that Reliance Entertainment had secured a John Doe court order for their upcoming release, Dangerous Ishhq. This prompted many Internet service providers to block these bittorent sites to combat piracy. The news of the blockage has left many users perturbed, but without much of a say other than posting messages on Twitter or Facebook. However, two individuals with the know-how of the issue planned and did something about it. A hacker, who goes by the name Isac, and his friend hackthis29 attacked the major Internet service provider Reliance. In a detailed explanation to Softpedia, Isac stated his motives behind the hack of Reliance.
As per the report, Isac informed Softpedia that he had seen Reliance block a range of websites, including Pastebin. So, he decided to do something about it by checking out the security measures of Reliance. He said, “So about a week ago I had the tried accessing pastebin.com and it was also blocked. That was the last straw so I hacked into the netsweeper panel [of Reliance] that is really, really vulnerable. I did it in like 5min's tops and had obtained full permissions to add any URL to the block list and modify the error pages.” The website went on to explain by giving an example that a hacker could add google.com to a deny list and attribute it with a custom error page. In turn, this page will be designed to replicate a site that is authentic, but will have a malicious code concealed within in.
Reliance susceptible to hacks
Isac goes on to state that by using this Zero-day flaw, it is not only Reliance that can get affected, but other service providers as well. He categorically states that he has no malicious intent and proposes a fix for this, by stating, “The only fix that I can suggest for now that will not affect the system is to use longer passwords so the password hashes cannot be cracked, and to remove the other default users and change the password of the root SQL user that most netsweeper systems have by default.” But this is only a work around fix and the company is the only one that can permanently fix this issue.
Tags: Reliance hack , Reliance hacked , hacker Isac , Isac Reliance hacker , Isac Reliance hack , Reliance hack fix , fight Internet Piracy , Department of Telecommunications , Vimeo , Reliance Communications , DoT blocks Vimeo , Zylog Wi5 , The Pirate Bay , fight Internet Piracy , MegaUpload , Vimeo , John Doe injunction , DoT blocks Vimeo , ISP-wise block , The Pirate Bay , MegaUpload , John Doe injunction , ISP-wise block
12 Dec, 2013, 01:09 PM
12 Dec, 2013, 12:36 PM
12 Dec, 2013, 09:33 AM
Thu Dec 12, 15:07:29
Thu Dec 12, 14:57:47
Thu Dec 12, 14:22:39