While running the Attrition Defacement Mirror, we found out that some security companies were using the mirror to solicit new customers. This blatant ambulance chasing is pathetic and represents the worst of the security industry.

Sent to the webmaster of a site that had just been defaced:


Please respond to hacks@nightkingdoms.net

To:   webmaster
cc:
Subject:  So, you got hacked...



NIGHTKINGDOMS PROGRESSIVE
http://www.nightkingdoms.net
corp@nightkingdoms.net

Security Consulting
Information Control Center (NKP/ICC)
World Headquarters
Phoenix, Arizona, USA
hacks@nightkingdoms.net

TO:  WebMaster 

RE:  So, you got hacked...

MSG ID:  XaRY3EtipaWAgY4oDYry

***  PLEASE NOTE  ***
We are in no way responsible for the compromise of your security and/or network.
We merely obtained this information using the same methods as thousands of other
security professionals do everyday around the world.  You will receive this
message only once, should your WebSite not get hacked again.  This message is
for marketing purposes, however, the information contained in both this message
and in the Internet link provided herein are also used to inform you that 1)
your WebSite was indeed hacked and, 2) there are ways to both prevent it and
catch who compromised your system.  There are no obligations involved.
*********************


That's right, more than likely a fifteen year old kid just made you look like a
fool infront of the world.  In fact, you probably didn't even know your server
was hacked until you got this message.  (In which case, I suggest you start
recovering backups for the site now.)  You may have established security
protocols and other preventative measure, but it seems kind of worthless now,
doesn't it?

The truth of the matter is this:  No matter how many college courses or training
programs you took, nor how many books or articles you've read or studied -- it
never prepared you for this attack, did it?  Firewalls, gateway servers,
intrusion detection systems and the like didn't protect you or your information,
did it?  It all amounts to this:  These are tools, not excuses.

What are you going to do now?  Well, you have some choices.  Below you'll find a
link to some information.  We'll tell you what you can do now to find out who it
is, give you some tips on how to protect your information, then we'll show you
what you can do to prevent it from happening again.

You've been hacked, which proves that all the things you've done so far didn't
work.  We are very sure that you do not perceive the information you protect as
worthless.  Find out how to secure your servers from prying eyes and add actual
value to the security measures you've already put into practice.

http://infinity.nkpwhq.com/cgi-bin/hacks/gothacked.pl?dbi=pullRecord&hack=XaRY3EtipaWAgY4oDYry



Thank you for your time,


- Security Consulting
  http://www.nkpwhq.com
  hacks@nightkingdoms.net

  NightKingdoms Progressive
  http://www.nightkingdoms.net
  "Circumventing the limitations of technology."
main page ATTRITION feedback