
Details of the TCS DNS hacker

By Ricky on February 9th, 2010 

We recently covered the hack of the Tata Consultancy Services (TCS) website. After the hack we at Digitizor decided to investigate the identity of the hacker. In this article, we are publishing some of our findings.

The first thing we tried to do was track the hacker. Here is what we uncovered regarding the hacker:

IP address:

41.96.35.44 (assigned on Monday, 8 February 2010 07:04:45 GMT)

41.96.125.44 (assigned on Monday, 8 February 2010 18:02:51 GMT)

41.96.125.44 (assigned on Monday, 8 February 2010 18:46:58 GMT)

[Note: IP addresses can be assigned dynamically]

ISP: Algerie Telecom - FAWRI

Country: Algeria

City: In or around Algiers or Annaba (most probably Algiers)

Name of the hacker: Samir (we are not entirely certain; it could be an alias)

By posing as buyers interested in obtaining the tcs.com domain, we exchanged emails with the hacker. By tracing the emails that he sent us in reply, we managed to trace his IP addresses and, finally, his location.

He asked us for USD 2000 for the tcs.com domain. When we asked him if he actually owned the tcs.com domain, he replied that he did.

Here are the emails we exchanged:

Me:

Hello,
I am interested in buying the domain tcs.com. How much are you
charging for the domain?
Thanks,
Ricky Laishram

sami:

Hi
I accept 2000 USD

Pay with http://www.moneybookers.com or http://www.alertpay.com or http://www.westernunion.com

THANKS FOR interested

Me:

Hello,

Since 2000 USD is a huge sum, I would like to know if you actually own the right to the domain.

Thanks,

Ricky

sami:

hi
Sorry this is the amount of sales
Yes, I am the owner of domain

THANKS FOR interested

Me:

Hi,

I am sorry but a friend of mine advised against buying the domain, tcs.com, especially at the mentioned price as he says it belongs to a corporation TCS America.
I am sorry that if you are not a representative of TCS America, I cannot proceed with the deal.

Thanks,
Ricky

sami:

THANK YOU

If anyone wants copies of the original emails for any reason, email me at [email protected].

Details of the TCS DNS hacker was originally published on Digitizor.com on February 8, 2010 - 10:07 pm (Indian Standard Time)