Home

WHID 2009-21: This Time Uno is after the Herald Tribute

Updated: 
18 February 2009
Attack Information
WHID ID: 
2009-21
Date Occured: 
17 Feb 2009
Attack Method: 
Outcome Information
Outcome: 
Target Information
Attacked Entity Field: 
Media
Attacked Entity Geography: 
USA
Source Information
Attack Source Geography: 
Romania

I must admit that Uno, the Romanian hacker behind a series of intrusions in recent days is a bit of a cheat for the Web Hacking Incident Database. We usually do not report vulnerabilities that where not exploited. While we understand their importance, they do not fall under the criteria set for WHID. For now we list them in a separate page, waiting for a place to be files in.

Uno presents a dilemma: he finds a vulnerability, exploits it to a limit and publish the results. Therefore the incident does not have a sizable outcome and not damage is done, but nevertheless it is interesting. We are not the only one to note that. Kasperski stressed the point the no data was actually compromised in their response to the event. So should we add it to WHID as an incident? should we skip it as just a vulnerability? for now we put them in.

So what is Uno's mischeif this time? This time it is the International Herald Tribune Uno is after. The impact of this attack, if carried out by a malicious hacker might have been profound as it seems that Uno got access to user name and passwords of editors and contributors, posibily enabling a malicious hacker to publish information on their behalf on this very prestigious newspaper.