- Kali with description "Hacked By The GreaT TeAm -TGT"
- Kali-Dev with description “Libyan Hackers”
Update: Hacker told 'The Hacker News' editorial via email that lists.kali.org domain is hosted on https://mailmanlist.net/, who offers an easy web interface for administrators to manage their discussion lists. Hacker claimed that 'Mailman List' website is affected by 'Heartbleed' vulnerability.
He said, "First I got access to one of the Mailmanlist.net user acount with stolen cookies, collected by exploiting Heartbleed vulnerability and then I searched for other web application vulnerabilities", that allowed him to extract the administrative username and password of the Kali Malining list account.
Heartbleed vulnerability in OpenSSL is a serious and widespread problem and despite having a team of top Security Researchers, Kali Linux too didn't remain untouched from it.
Update: Kali team tweeted, "Looks like our inactive, 3rd party, 0 volume mailing list was hacked. DNS entry removed - back to sleep, problem solved."