Hackers Break Into Nasdaq and Amex Web Sites

Hackers on Wednesday vandalized the Web sites for the Nasdaq Stock Market and the American Stock Exchange, but there was no evidence they manipulated data.

A group calling itself “United Loan Gunmen” infiltrated the computer running the sites just after midnight. The hackers left a message--the high-tech equivalent of graffiti--and also claimed to have briefly created an e-mail account on Nasdaq’s computer, suggesting a broader breach in security.

“That’s a pretty serious allegation,” said Christopher Rouland, a security engineer for Internet Security Systems Inc. “It’s difficult to say if it’s accurate, but once you breach the perimeter, it certainly is easier to get into the infrastructure.”

Nasdaq said Wednesday its policy is not to discuss security issues, but added, “The Nasdaq Web site is operational and secure. What we’ve been talking about concerns our Internet sites and has nothing to do with our trading network.”

The hackers’ message said they sought to “make stocks rise drastically, thus making all investors happy, hopefully ending with investors putting bumper stickers on their Mercedez’ [sic] that say ‘Thanks ULG!’ Meanwhile, ULG members go back to flipping burgers at McDonalds.”

Nasdaq’s Web site runs Microsoft software, called Internet Information Server, that has suffered several serious security problems in the last year.

The ULG hackers also had claimed responsibility earlier this week for the defacement of the Internet site for Matt Drudge, the Net gossip columnist.