NullCrew FTS hacks Comcast servers, posts exploit and passwords

Summary: Hacking group "NullCrew FTS" announced on Twitter today that they had successfully hacked Comcast and provided unredacted proof on Pastebin.

In an unwelcome surprise for Comcast, hacking group NullCrew FTS announced on Twitter today that it has successfully hacked Comcast, providing a link on Pastebin to unredacted information as evidence.

The hackers claim to have gained access to, and published, what appears to be the Zimbra LDAP and MySQL passwords through a Local File Inclusion vulnerability.

OWASP describes a File Inclusion vulnerability as follows:

File Inclusion vulnerability allows an attacker to include a file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation. This can lead to something as minimal as outputting the contents of the file, but depending on the severity, to list a few it can lead to:

  • Code execution on the web server
  • Code execution on the client-side such as JavaScript which can lead to other attacks such as cross site scripting (XSS)
  • Denial of Service (DoS)
  • Sensitive Information Disclosure
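An added example (not from the original article or from OWASP) of the validation gap described above: a naive path join beside a resolver that enforces an extension allowlist and a containment check. The directory layout, file names, function names and the allowed extensions are assumptions constructed for illustration.

```python
import os
import tempfile

ALLOWED_EXT = (".html", ".txt")  # assumption: only static page fragments are includable

def resolve_naive(base_dir, name):
    # Vulnerable pattern: user-supplied input joined into a path, no validation.
    return os.path.join(base_dir, name)

def escapes(base_dir, path):
    # Lexical check: does the path land outside base_dir once ".." is collapsed?
    base = os.path.normpath(base_dir)
    return os.path.commonpath([base, os.path.normpath(path)]) != base

def resolve_safe(base_dir, name):
    """Return the real path of `name` inside base_dir, or None if rejected."""
    if "\x00" in name or os.path.isabs(name) or not name.endswith(ALLOWED_EXT):
        return None
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, name))
    # Containment is checked after ".." and symlinks have been resolved.
    if os.path.commonpath([base, target]) != base:
        return None
    return target if os.path.isfile(target) else None

def demo():
    """Run both resolvers over constructed requests.

    Returns ({request: (naive_escapes, safe_path)}, base_dir).
    """
    root = tempfile.mkdtemp()
    base = os.path.join(root, "pages")
    os.makedirs(base)
    # Constructed files: one legitimate page, one file outside the include root.
    for path, body in ((os.path.join(base, "help.html"), "<p>help</p>"),
                       (os.path.join(root, "outside.txt"), "password=CONSTRUCTED")):
        with open(path, "w") as fh:
            fh.write(body)
    requests = ["help.html", "../outside.txt", "x/../../outside.txt",
                os.path.join(root, "outside.txt"), "../outside.txt\x00.html"]
    return {r: (escapes(base, resolve_naive(base, r)), resolve_safe(base, r))
            for r in requests}, base

if __name__ == "__main__":
    results, _ = demo()
    for request, (naive_escapes, safe) in results.items():
        print(repr(request), "naive escapes:", naive_escapes, "safe:", safe)
```
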

NullCrew FTS also published a list of email servers, and an exploit that may work on those servers at this time. 

ZDNet is not able to state at time of publication whether or not customer information is at risk.

[Image: Comcast hacked tweet]

The announcement comes from the official NullCrew Twitter account, specifically its FTS contingent ("F*ck The System").

The Pastebin document contains NullCrew FTS's logo and taglines:

"You might take my life, But you can't take my soul."

"You might take my freedom, But you can't take my soul."

The Pastebin message reads:

  1. Hello there beautiful people of the internet, once again; we here at NullCrew have some fun information for you.
  2. This time, our target is Comcast, yet another internet service provider who proclaims to be a secured one; shall we test these claims as well?
  3. What is Comcast?
  4. Comcast Corporation is the largest mass media and communications company in the world by revenue.
  5. It is the largest cable company and home Internet service provider in the United States, and the nation's third largest home telephone service provider.
  6. Comcast provides cable television, broadband Internet, telephone service and in some areas home security (including burglar alarms, surveillance cameras, fire alarm systems and home automation) to both residential and commercial customers in 40 states and the District of Columbia.
  7. Okay!
  8. So, it's the LARGEST mass media and communications company in the world? Sweeeeet.
  9. Let's take a look at it, and see if we should be impressed.
  10. Below us, we have a list of Comcast mail servers; and each of these mail servers run on something called, "Zimbra."
  11. But each of these mail servers also are vulnerable to LFi, and you know what LFi can lead to, right?

The hacking group announced their intentions on Twitter four hours ago.

A Comcast rep responded cluelessly, and NullCrew FTS taunted the hapless rep during the ensuing four hours in which Comcast was attacked.

[Image: Comcast hack]

According to the NullCrew FTS tweets, Comcast was victim to only one exploit.

[Image: Comcast hack, one exploit]

ZDNet will update this post with more information as the story develops, and has reached out to Comcast for information and comment.

About

Ms. Violet Blue (tinynibbles.com, @violetblue) is a freelance investigative reporter on hacking and cybercrime at Zero Day/ZDNet, CNET and CBS News, as well as a noted sex columnist. She has made regular appearances on CNN and The Oprah Winfrey Show and is regularly interviewed, quoted, and featured in a variety of publications that inclu...