Hacker Group to Release OpenSSH Exploit and Worm: "Give us 48 Hours"

Jul 21, 2009

After rumors of an OpenSSH exploit vulnerability got out, an anonymous hacker group intends to release the exploit code and an accompanying worm "within 48 hours."

A hacker group calling itself the Anti-Sec Movement wants two days to "publicly unveil working exploit code" for an OpeSSH vulnerability. The threat came July 20 as a message on the Full-disclosure mailing list.

Apart from rumors, the lack of conclusive evidence of the OpenSSH vulnerability has meant that most experts see the threat as somewhat hollow. OpenSSH is by far the most widely used remote access software. However, most configurations disable SSH access by default or protect it by a firewall.

Related content

  • Security Lessons: OpenSSH VPNs

    OpenSSH VPN technology, installed by default on most Linux, BSD, and Unix systems, lets you mix and match different clients and servers easily.

  • (Update:) Fedora: Chronicle of a Server Break-in

    In August 2008, the Fedora team noticed irregularities on its server. Project leader Paul W. Frields has now released a detailed report of the break-in.

  • Financing Crypto Projects

    Although open source crypto software is used virtually all over the world, the projects behind it are often small and chronically underfunded. Heartbleed, however, brings a possibility of improvement.

  • OpenSSH 5.4 Disables SSH Protocol 1

    The new version of OpenSSH serves developers as a feature and bugfix release.

  • Backdoors

    Backdoors give attackers unrestricted access to a zombie system. If you plan to stop the bad guys from settling in, you’ll be interested in this analysis of the tools they might use for building a private entrance.

Comments

  • NSA/CIA HACKER JOKE ON LINUX

    NSA/CIA HACKER JOKE ON LINUX

    THIS IS A CLASSIC NSA/CIA HACKER JOKE ON LINUX. IT'S TIMED PERFECTLY WITH THE TV NEWS HEADLINES AND WASHINGTON WHORE MEDIA.

    THE "ANTI SEC MOVEMENT" IS A NSA/CIA FRONT, JUST LIKE ALL THE OTHER PSYOPS THEY FEED THE AMERICAN PEOPLE DAILY.

    WE'RE WINNING THE WARS. WE NEED MORE GOVERNMENT. WE NEED MORE MORE GOVERNMENT. THE "ANTI SEC MOVEMENT" IS A FAKE NSA/CIA HACKER FRONT.
  • Comment form fixed

    Hey freejack,

    thanks for the info. The comment form is now fixed and will keep the data entered in case of a incorrect captcha.
  • please do more research before publishing "news"

    The whole philosophy of anti-sec is to not release exploits. They are destroying (or attempting to) anyone who publicly releases info about vulns.

    anyone can create a gmail account. this is not anti-sec.

    ps - this site wipes *ALL* the fields entered if something is wrong with the submission.. like an incorrect captcha...
  • lee7 haX0r

    Run away! Run away!
  • Fake

    No they don't. That message wasn't posted by anti-sec. Please do more research.
comments powered by Disqus

Issue 168/2014

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)

News

njobs Europe
What:
Where:
Country:
Njobs Netherlands Njobs Deutschland Njobs United Kingdom Njobs Italia Njobs France Njobs Espana Njobs Poland
Njobs Austria Njobs Denmark Njobs Belgium Njobs Czech Republic Njobs Mexico Njobs India Njobs Colombia