IRC-Junkie.org – IRC News

All about Internet Relay Chat

Cracker Creates Havoc at Freenode

Last Saturday a user who was using the nick ratbert has been creating havoc after he gained the password of Freenode’s admin Robert Levin, aka lilo.

Once gained access he kill’ed and klined staff of the network, delinked servers and send out a global notice and attempted to abuse a mIRC DCC exploit.

-ratbert- I am a fat asshole, who loves abuse, die

-ratbert- DCC SEND YOUAREALLJUDENLOL

Eventually, also network owner lilo was killed by ratbert; * lilo has quit (Killed by ratbert (die ))

Once reconnected, lilo sent out the following global notice: -lilo- Hi all. As you may be aware, freenode has experienced a crack attack and we’re working on tracking down the details. At this point, we cannot guarantee that more problems will not occur.

Since then several security related questions have raised that remain to be answered. How was a user able to gain lilo’s password, and how come his access is not additionally protected by a specific hostmask?

At first users were afraid the attacker got hold of a substantial amount of private data from users, such as passwords. This turned out to be quite minimal however, confined to a series of new registrations at NickServ during the attack. Freenode admin HedgeMage explains: “We believe that <25 nickserv passwords were compromised during a limited window, but all concerned individuals are encouraged to change their nickserv passwords just in case.”

Although Freenode has a list of people they suspect being responsible for the attack, they do not want to release too much information on that as it might influence near future investigations. “We are not releasing our suspect list, but we have some reasons to expect that bantown or GNAA may have been involved”, according to Freenode admin HedgeMage.

Users from GNAA (the “world-famous trolling organization” quoted from their website) have been interrupting a session held by Freenode to answer some questions from its users.

IRC-Junkie has been trying to contact Freenode with additional questions but received no reply so far.

Thanks to upinsmoke for the tip.

Category: Hack, IRC, Networks
Tag: , , ,

Your email address will not be published. Required fields are marked *

*