[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [microsound] interesting post I received



http://www.virus.org/modules.php?op=modload&name=News&file=article&sid=197

The security group known as 'Gobbles Security' perpetrated a little hoax
this week that seemed to grab a lot of headlines. The hoax was nothing more
than an attempt to gain a little fame.

Gobbles Security have a little habit of upsetting the community, they shot
to fame in 2002 with some exploits of Apache+SSL Vulnerabilities. Then this
latest outing was a dig at the RIAA and their plans to hack P2P networks to
attempt to stop piracy.
Gobbles released an advisory that said the Recording Association of America
had contracted the hacking group to develop a hydra-like computer worm that
has already spread widely by exploiting security vulnerabilities in several
popular music programs.

Gobbles then claimed the antipiracy tool enabled the RIAA to create infected
MP3 music files and distribute them through file-sharing networks,
compromising and cataloging the infected systems.

However in an Email interview the group they admitted that they fabricated
the RIAA claim to get attention.

It seems however that the flaw described by Gobbles Security that relates to
the Unix MP3 player 'mpg123' is real, for more on that see it here.

------------------------------