The Dark Visitor

Heike and I have reported on the well-known Chinese hacker sunwear several times:

People’s Armed Police Officer Hacking?

Sunwear Picture Proclaimed a Joke

Chinese Hacker…repeat offender!

Top Chinese Veteran Hackers

A forum posting on eviloctal from sunwear shows a screenshot of a hacked metasploit.com with his mark:  “hacked by sunwear ! just for fun”.  Here is a link to the eviloctal.com forum posting.  Thanks to sunbelt for the news.  No way to tell if it was a hoax or real just yet. The metasploit site seems to be normal at the time of this writing.  The forum post was made by sunwear on June 3.

Update (June 3 2003hrs GMT): One reader commented that the site was indeed hacked and that he was redirected to the evil octal forums.

Update from HD at Metasploit: The issue was that someone hacked a machine on the same subnet and was ARP spoofing the gateway. The metasploit.com machines were not compromised, but all HTTP requests coming into the ISP network were passed through a MITM defacer that inserted that HTML. Once I as able to set a static ARP entry and notify the ISP, the problem was resolved. So, to make things clear, the metasploit.com servers were not hacked, the ISP’s network was.

For some this may be a familiar face, for the rest, let me introduce Sunwear. We met Mr. Sunwear back in November, when he was doing bad things to Japanese websites and leaving some rather crude defacements. Sunwear and a friend of his named Kitty became so upset at the attention he was receiving on the blog that they left comments imploring us to remove the article. No such luck for him.

So, did Sunwear swear off his life of crime, turn over a new leaf and devote his life to charity? No such luck for me:

Just for fun…

Just for fun? Words alone cannot express how disappointed I am…