Herbless, a hacktivist with ethics
Herbless was the username of a European hacktivist. He first surfaced in early August 2000. One of the first messages he left on a tagged system was his protest against government monitoring of cell phones conversations in the UK. He then hacked UK government websites and left anti-smoking messages. SANS reports Herbless hacked nine "gov.uk" sites in mid-August 2000. They note he did not damage more than what was required, making a restore of the original site easy. He later apologized for hacking these websites.
Herbless then protested the MPAA suing a young Scandinavian kid whose DeCSS software could decode/copy DVDs by defacing legoland.co.uk and other sites. He also left instructions for the webmaster on how to restore the original sites. His work can be seen on Attrition.org.
Herbless then protested a fuel price crisis in the UK. SANS reports that on 14 SEP 2000 he had hacked 168 websites. MIS Corporate Defense Solutions says that he had hacked 450 sites by 19 SEP 2000.
On 20 SEP 2000, Herbless hacked the Hong Kong and Shanghai Banking Corp and subsidiary websites. On these sites he had a picture of the British Prime Minister Tony Blair saying "Trust Herbless he talks sense".
Analysts have determined that he was using an exploit in Microsoft's SQL Server. The default password was not changed.
In OCT 2000, the hacktivist career of Herbless stopped. He quit "for reasons that may or may not become apparent" in an email to vnunet.com.
www.sans.org
www.vnunet.com