Search This Blog

Showing posts with label KDMS Team. Show all posts

Metasploit and Rapid7 DNS hijacked and Defaced by Kdms Team

The domains of and its parent company had been hijacked and defaced by the Kdms Team.  They had previously also had taken down down several high profile computer security related targets.

Mr. HD Moore (Chief Research Officer of Rapid7 and Chief Architect of Metasploit) told EHN how the domain was hijacked.

And when asked if the Domains were back in their control he said "yes" and explained why some people are still seeing the deface page.

Please note that a DNS attacks DOES NOT affect the server of the hacked site in anyway. Anybody could fall victim to it . The blame belongs to the Registrar not Rapid7.

This shows how even if you have the strictest security mechanisms there is always a "weak spot" that could be exploited and more often than not it is the "Human" element that is weakest. 

Hacking attempt by KDMS Team to deface Avast website failed

KDMS Team, the Palestinian hacker group who defaced the websites of Avira, WhatsApp, AVG , is also said to have attempted to hijack Avast website.

Avast realized and thwart the hackers attempt to compromise domain , when they received a notification from Network Solutions saying their email had been changed.

"We knew we had not requested that so we immediately took action and changed our passwords, which protected us" Avast CEO said.

Users and customers of the affected websites no need to worry- No user data is compromised. It is a DNS hijack attack in which hackers break into domain provider and modify DNS records.

Avira, AVG, Alexa and WhatsApp websites hacked by KDMS Team

The hackers group who defaced the popular hosting website LeaseWeb has once again attacked top websites and left them defaced.

It includes the popular messaging service WhatsApp, top free antivirus AVG, Avira, Alexa( and Porn website RedTube.

The whois data of the affected domains apparently shows that they are registered with Network Solution.

It appears hackers compromised the domain provider and changed the DNS data rather than attacking individual websites.

At the time of writing, the avira website still shows the defaced page whereas other websites are offline including

AVG has confirmed to E Hacking News that "it has had a select number of online properties defaced as a result of our domain name system (DNS) registrar being compromised".

"A number of other companies appear to have been faced with the similar issue. The situation is being further monitored and assessed closely. Customers are our priority, the DNS records have been corrected and AVG is working hard to resume normal service levels to its customer base and continue to protect our customers and their privacy."

LeaseWeb hosting site hacked and defaced by KDMS Team

LeaseWeb, one of the leading hosting providing company, has been breached and defaced by a hacker group named "KDMS Team".

"Who Are you? Who is but the form following the function of what and what are you is a hosting company with no security" The hackers wrote in the defaced page. ""KDMS Team: Well, we can see that :P ".

"Do You know what that means? We owned All of your hosted sites.  Index on your site is the prove ;)" The hackers added.

The company has responded to the security breach saying " Website should be back to normal in a few hours. No customer data compromised. We continue to investigate."

However, hacker posted in facebook saying " No customer data compromised ! sure?! :| investigate ? will you find any thing ?".