
Wanna know how BT.com was hacked?

We had a sniff about and came up trumps


Last week, we were contacted by a reader who claimed to have taken bt.com, btinternet.com and gameplay.com offline through a denial of service attack. We checked it out and he wasn't lying. The anonymous person went to great lengths to explain why he had attacked BT, quoting its appalling Internet access packages as the source of his ire.

We don't condone such activity but we could certainly understand his frustration, and it seems as though most of you could too.

Since then we have been sniffing about the Web to find out how someone managed to bring down BT's main Web sites. While yer man was clearly technically very literate, had BT maintained his level of Net expertise and simply failed to make the sites solid enough?

We note with interest that BT has since beefed up security. That was extremely fast, we pondered. But then is it surprising? Our beloved monopolistic telecoms giant had simply remained true to form and held back technology until it was needed.

However, thanks to a reader tip-off, we also came across the latest issue of an online hacking mag which featured an article called "Plague v0.1" written by Datawar and another person with a surprisingly similar pseudonym to one of the emails we received from the attacker.

Plague is, unsurprisingly, a DoS method and coding. It would appear that Datawar had written the original tool, which our man had then perfected - to apparently great effect. Plague's primary purpose "is to create an environment that is capable of effectively coordinating a number of compromised hosts in a distributed attack. The nature of this attack ranges from denial of service to a sophisticated scan of the Internet for potential targets for future compromise.

"The program will consist of a client which runs on the user's own machine. The client communicates with a master server which will be responsible for coordinating a set of ghost daemons."

Top of the list of the program's attributes was Stream flood - listed as complete and extensively worked on by the attacker - which was what was most likely used against BT. A scanning aspect - which looks for weak machines to act as ghosts - is also part of the program.

For those of you who don't know, a denial of service attack works something like this: one machine locates and compromises a number of other machines that have poor security. It then installs a hidden piece of code on each of them. This code effectively enables the original machine to make the others (known as ghosts) send information to sites of its choice. By sending dead packets of information to a particular server, that server responds to confirm a connection but the message is reflected back. This build-up from a range of different machines can cause the server to topple over and makes viewing the site by anyone else extremely difficult.

Those being attacked can block all the traffic from one machine but when many are used, this job requires a lot of effort and time.

So there you have it. But where's the code or the URL, you want to know. You said you'd tell us how to do it. Well, my friends, that was a headline to catch your attention. We've had a brief debate here at The Reg and our ethical stance about this sort of activity is that while we will report and inform people about what is going on, we will not point people in the direction of potentially damaging information.

This sort of approach is used widely by the UK media in all sorts of sensitive reporting, although the court system appears to have got carried away with reporting restrictions. On the other side are things like the News of the World's recent approach to the murder of child Sarah Payne. It has decided, in a moment of self-imposed omniscience, to print a list of known paedophiles in the UK - even extending this to an interactive "search for your local paedophile" on its Web site. Since this is totally irresponsible, we feel it would be irresponsible to do the same with this DoS story.

That said, we credit you, the readers, with enough intelligence to find out what you want to know. If it's that important to you, have a hunt around yourselves. ®
