Comcast Hacker Pleads Guilty
“Christopher Allen Lewis, a.k.a. “EBK,” 20, of Newark, Del., pleaded guilty Wednesday to conspiring to disrupt service at Comcast corporation’s website in May 2008. Lewis is scheduled to be sentenced on May 21 and faces a maximum sentence of five years in prison, a $250,000 fine and up to three years of supervised release.” – SC Magazine.
They accomplished this attack by changing DNS records to point to a different location. They claim that it was a prank, but if the attackers had made a carbon copy of the site and pointed the DNS records to it, Comcast’s losses could have been much higher.
This weakness of the TCP/IP network model needs to be fixed. DNS records should be locked down on active websites.