In association with heise online

08 July 2009, 15:08

Milw0rm exploit portal ceases to operate - Updated

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

One of the largest exploit portals on the internet,, has ceased to operate. Only a few lines in the page headers announce the portal's closure. The operator, who goes by the handle 'str0ke', explains that it has become impossible to review and release submitted exploits within an adequate time frame:

For the past 3 months I have actually done a pretty crappy job of getting peoples work out fast enough to be proud of. 0 to 72 hours isn't fair to the (exploit) authors on this site.

Str0ke does not explain whether this is simply due to a lack of time, to an increasing number of exploits or perhaps to both. It also remains unclear whether the page and its current database will remain available or whether it will soon be taken off line. It is possible that other members of the community will come forward to support str0ke or offer to take over the portal's operation.

Originally, milw0rm was a worldwide group of hackers whose members communicated via IRC. The group became known internationally after it hacked into the Indian Bhabha Atomic Research Centre (BARC) in June 1998 and downloaded emails and classified documents about nuclear tests. The members' true identities reportedly still remain unknown to the investigating authorities. Speculations that milw0rm was closed due to pressure from the FBI have so far not been substantiated.

The group disbanded after the BARC hack, and former (US) member 'keystroke' founded the exploit portal under his new name str0ke in 2004. Milw0rm became very popular after the French FrSIRT (previously K-otik) security portal closed its exploit download area and only remained available to paying customers.

The Packet Storm portal, which has been in existence for more than ten years, is a possible alternative to milwOrm. Since July, users have been able to follow Packet Storm on Twitter to keep updated about the latest tools and exploits available. While Bugtraq also offers a database of exploit advisories, these may occasionally be manipulated or censored by its Symantec-related operators – last April, exploit author Kingcope publicly complained about such manipulation.

UPDATE - While the domain still exists, the Milw0rm server is now unreachable. It appears that the 'handles' keystroke and str0ke refer to two different people.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit