KDMS Team, a pro-Palestinian group of hackers, recently hacked the website of leading net security firm, Metasploit. The group carried out the attack using a fax machine. The hack itself was based on a DNS redirect, which occurs when an attacker changes the records used to tell web browsers what server is located behind the related web address. In the case of the Metasploit hack, the redirect was accomplished by faxing a faked redirect request to Metasploit’s registrar, Register.com. Metasploit’s parent company, Rapid7, has already stated that it is investigating the situation and has also released apologies for the service disruption.
After the hijack, another hacker known as Th3 J35ter acknowledged that the KDMS team had originally followed only 16 accounts on Twitter, many of which had not been used from a period of 6 months to over 3 years. He stated that based on the group’s somewhat new presence on Twitter, it seemed very suspicious that it would know and follow accounts that have not been active for such a long period of time. Th3 J35ter also claims to have identified the actual identities of the people within the KDMS team, including a Facebook page of one of the members.
The Metasploit hack is a prime example of various exploits that are possible via the use of fax technology, though commonly not targeted. Under most hacking scenarios, any exploits and attacks that are used are generally not achieved by use of fax because hackers tend to target other types of technology and code due to their mainstream usage and popularity. However, the Metasploit hack is also a clear reminder that exploits can be achieved, even with the use of fax, and that this is one technology that continues to be relevant on a precautionary level.