September 7, 2000 6:25 PM PDT
Hacker smears Web sites with pro-Napster messages
The pranks come after a court ruling that could force another online music service, MP3.com, to pay hundreds of millions of dollars in damages for copyright infringement.
The hacker, who goes by the name "Pimpshiz," claimed 50 victim sites in a posting that included a screed lambasting the recording industry for its lawsuit against Napster, a popular music-swapping site.
"The (Recording Industry Association of America) does not represent your favorite music artists," the hacker wrote on Palminfocenter.com, one of the apparent victims of the attacks. "They represent rich record executives. These are the fat cats who make profit from the other 95% of CD sales. All because you either wanted more money (not like you had enough to begin with, right!?) or because you wanted publicity."
In an email interview, Pimpshiz claimed to have defaced 110 sites with the message in four separate rounds of attacks--using an unpublished hole in Microsoft Windows NT to infiltrate the Web servers. The hacker promised a "huge episode 5" soon.
This isn't the first time Web vandals have used the Napster controversy as a launching pad for their actions. Shortly after Metallica sued the file-trading service for violating that band's copyrights, anonymous hackers briefly took over the group's Web site.
The SaveNapster.com site was also attacked earlier this year after that site's owner posted a message that was critical of Napster's copyright policies.
Web defacement is a common way for anonymous, reasonably tech-savvy Web surfers to register complaints against companies or policies, or to simply spread mischief. Although it is technically illegal--and carries stiff penalties for people who are caught--few of the vandalism cases are tracked to their sources and prosecuted.
The Pimpshiz handle already has a reputation online as one of the individuals loosely associated with security leaks involving America Online. In a long discussion of internal AOL security procedures posted on Observers, the author credits Pimpshiz with obtaining many of the documents used in compiling the report.
"Pimpshiz--You were responsible for my obtaining these texts indirectly, so you still get thanks," acknowledges the author, who goes by the name "Allocate."
In the email, Pimpshiz claimed not to be responsible for the leaks of AOL documentation but said, "(I) have been involved in exploiting major vulnerable points of AOL's software."
News.com's Evan Hansen contributed to this report.