KALI Linux Mailing List Website Hacked Using Heartbleed Vulnerability
One of the best and favorite Security pentesting operating is Kali Linux, which is the advanced version of the Back Track. The OS is specially designed for the security professional and own by Offensive Security Team. The OS comes with the more than 300 security testing tools pre-installed.
Just some hours ago, a Libyan hacker named as "(The GreaT TeAm)" have hacked and defaced the mailing list domain (http://lists.kali.org/cgi-bin/mailman/listinfo/kali) of Kali Linux. On the deface page hackers haven't wrote any message, just with greeting text "h4x3d by The GreaT TeAm" and"Libyan H4x0rz :D".
At the time of writing the the homepage of mailing list domain was showing the two list-
At the time of writing the the homepage of mailing list domain was showing the two list-
Kali with description Hacked By The GreaT TeAm -TGT
Kali-Dev with description Libyan Hackers
It is not cleared how the hackers have managed add the deface page on the server. May the mailing list site have been compromised or the server have been hacked. At the mean time the site was still showing the deface page and you can also check the Mirror of the hack at Zone-h.
The GreaT TeAm was the same hackers group who have also hacked Egyptian Ministry of Information Website two days before, and they also defaced a NATO subdomain .
UPDATE:-
After Contacting to the hackers team, they reported that, "kali team didnt check the security for mailmanlist.net before the linked thier domain "mailmanlist". The mailing list domain of Kali Linux is hosted on the Mailmanlist, and Mailmanlist website is Vulnerable to Heartbleed vulnerability.
After exploiting the Heartbleed vulnerability, hackers have managed to gain access to the mailmanlist users account vai stolen cookies and then searched for more vulnerable web applications. This allows him to gain the administrative credentials of Kali Linux Mailing list account.
The GreaT TeAm was the same hackers group who have also hacked Egyptian Ministry of Information Website two days before, and they also defaced a NATO subdomain .
UPDATE:-
After Contacting to the hackers team, they reported that, "kali team didnt check the security for mailmanlist.net before the linked thier domain "mailmanlist". The mailing list domain of Kali Linux is hosted on the Mailmanlist, and Mailmanlist website is Vulnerable to Heartbleed vulnerability.
After exploiting the Heartbleed vulnerability, hackers have managed to gain access to the mailmanlist users account vai stolen cookies and then searched for more vulnerable web applications. This allows him to gain the administrative credentials of Kali Linux Mailing list account.