Three-Week Hack Renders Over 1300 Windows Servers Inoperable
Page 1 of 1
A 30-year-old man was charged with criminal damage in Melbourne, Australia on Friday in connection with what could be well over one thousand attacks on Windows servers connected to the Internet.
Over the last three weeks, a hacker with the nickname "Number Cruncher" had been gaining access to Net-connected workstations running the Windows desktop operating system, and deleting enough vital system files to make the servers unbootable.
Reports have come in from victims across Australia, who had in common an IP address starting with the number 203, and who had "File Sharing" turned on in their Windows or TCP/IP preferences without passwords enabled.
The hacked servers had the contents of their root directories deleted, many executable programs and DLL files removed from their "C:\windows" directory, and many directories and files were added--including a picture of the Unabomber.
Police estimated the cost of rebuilding drives at up to AUS$15,000 (US$9,300) each, with at least 30 businesses known to have been affected. While the toll of victims had risen to 1332 by early Friday, this may be misleading as it counted the number of drives attacked, not the number of servers or the number of locations.
The man, who lives in Glen Waverley, Victoria, was bailed to appear on September 15, 1998.