Updated: Sub domain has been taken over by the FBI, see below..
Today
i was alerted to a hack by a group of old school hackers from the late
90′s who have left a sub domain of the well known hacker collective
lulzsec hacked.
The attack appears to be a DNS attack as well as a defacement on another site which is currently sharing the same IP (74.220.210.192) that the “defaced” sub domain is currently being hosted on. the main lulzsec website with or without the www shows the the long existing notice that has been taken over by authorities.
The attack has been done by Prime Suspectz who
on Zone-h have not made a post to the site since 2005, but that does
not mean they have been totally quite over this period. The defacement
has a message to lulzsec and anonymous and makes mention of sabu,
stating that they remember a older conversation from back in 2004 where
he couldn’t hack.
Prime Suspectz & core-project is back!
x-s4nd3r / st4ck / eCORE / coolswallow
LulzSec owned?
Anonymous & LulzSec are
the world’s biggest lamerz, they think leaking can make them big haxor?
no, you are wrong! u will be never big hacker, ur the biggest lamers of
this planet..people like you destroy the hacking scene, you use LOIC
and thinking ur big hacker, hahahahaha!
we are not dead, big lamerz like u must be destroyed, also for sabu (the
police snitch), you were the biggest n00b i ever talked to in 2004,
using lame ssh exploits u could not even pwn a IE2-box, do not believe
the media!! media delivering false news…sabu was the biggest n00b of
this century, and nobody gives a fuck about ur lame leakz, anonymous 
but the show is not finished yet, we are not dead…we always watching u
The other website which shares the same IP as the portal.lulzsec.com currently does is http://pekingporkchop.com/ and that is also displaying the same defacement page leaving one to think that is the main defacement as it shows up in caches as a old unused Joomla website with no content.
So,
lets break this down a bit to see what is going on. The main lulzsec
site is owned by FBI, a sub domain has been hijack either by DNS hijack
or hackers have control to a cname controller some how and now the site
is pointing to another site name pekingporkchop.
Proof that both were on different IP’s at time of publishing.
See a Mirror of the defacement: here and the rest of prime suspects older defacements here
Reverse IP on 74.220.210.192
Also like to make the note of timing of this breach, within weeks of news coming out that sabu has
been giving more time away from sentencing to assist police further
which has put a lot of anger and upset many people in the community as
people who sabu helped get arrested are facing big time behind bars.
So
ill leave you to figure out what the hell exactly happened here, so
have fun oh and Credit goes to @agd_scorp for alerting me to this.
Updated:
Once
again @agd_scorp has alerted me to the sub domain now also being in
control of the FBI as well as the other site which appeared to have the
deface http://pekingporkchop.com/,
This
makes one wonder if the site has actually been seized or was all this
just a big hoax of some sort or has the FBI gone and seized another site
now due to defacement? make note of the mxtoolbox.com results below
which show at time of update all ips were still the same as first
publish.
Once again, ill leave you to think about this one. bu
