Comcast Suffers Server Attack

Monday, February 10, 2014 @ 01:02 PM gHale

After successfully targeting Bell Canada and leaking customer information, the hacker group NullCrew breached mail servers belonging to Comcast, the largest ISP in the U.S.

The group said it exploited a local file inclusion (LFI) vulnerability in Zimbra, a groupware email server and web client used on 34 Comcast mail servers, to access them and their content.

Bell Canada Breach through Supplier
Yahoo Attack: Breach through Partners
Target Attack: Vigilance Remains Vital
NIST Cybersecurity Framework: What it Means

To show proof, the group linked a list of the servers, and the exploit code they said they used in the attack, to a Pastebin post. said the post didn’t include customer information, although one of the attackers implied they have gotten their hands on a password database.

Comcast has yet to comment on the claims, but it seems they are trying to protect their mail servers from further attacks now the exploit code is public by shutting them down for the time being.

Leave a Reply

You must be logged in to post a comment.