oh oh oh ….ImageShack was hacked… …….

Equally approximately of you may have noticed, news in this area ImageShack being hacked has started to circulate now. While I tried to think it over this for myself, part of the damage has been fixed; I say part since the ImageShack blog still throws database connection errors…

Even if this could be inflicted with been worse for users who store their images here (myself included), here is more to it than meets the eye.

Like the attack on Astalavista, this lone was furthermore performed by the anti-sec group (groups, here may possibly be more) and single makes me think here will be more attacks.

The message which was present on ImageShack’s website with the attack.

Equally you could be inflicted with read their manifesto, hacking ImageShack does not conform to their goal…

    How do we plan to achieve this? Through the full and unrelenting, unmerciful abolition of all supporters of full-disclosure and the security industry in its present form. If you own a security blog, an exploit periodical website or you distribute one exploits…

Furthermore, they don’t think it over the irony of their events. The more they are vacant to hack security unrelated websites (like ImageShack) the more are they vacant to apply FUD. And it’s needles to say with the intention of more FUD equals more bring about pro the whitehats with the intention of they so much despise.

And they are good at spreading FUD! After the Astalavista hack OpenSSH exploit FUD spread online like plague.

The only way I would go about vulnerability disclosure would be trough responsible one… Mentioning that I would be responsible only if the given vulnerability could affect me; otherwise I wouldn’t really care… that’s just me.

Even with all that said, there is one common ground where I can relay with them, concerning PoC code that script kiddies copy-pasta for mass sploitation… PoC should be only left for innovative/new techniques and not for every *dangerous* exploit out there.

Like any online movement it has it’s pros and cons; some didn’t/don’t understand the: VX, Zeitgeist, Anonymous (it is a movement, sort of) or any other movement; so why understand the Anti-sec one, right?