Welcome to WebmasterWorld Guest from 50.19.190.144

Forum Moderators: incrediBILL & lawman

Message Too Old, No Replies

The Reg has been hacked

     
7:50 pm on Sep 4, 2011 (gmt 0)

Preferred Member

10+ Year Member

joined:July 7, 2003
posts:533
votes: 11


It would seem that the register.co.uk has been defaced.
8:11 pm on Sept 4, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member wheel is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 11, 2003
posts:5063
votes: 11


Too bad,that's a great site.

In good news, it seems like the UK police are starting to grab people like this and lock them up. About time, I'd like to live in a world where hackers had the serious likelihood of jailtime for practicing.
8:30 pm on Sept 4, 2011 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:6130
votes: 277


Yikes! I was there at 5am (my time) this morning. Just checked a few minutes ago and "can't reach site, try again in a few minutes). Then find this post at WW. Have no doubt that the weekend hit was intended (fewer people in the office).
9:06 pm on Sept 4, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Sept 25, 2005
posts:965
votes: 68


Same goes for UPS, it seems. The servers weren't hacked, but the perpetrator changed the domains' nameservers somehow.
12:01 am on Sept 5, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 30, 2006
posts:1599
votes: 1



I'd like to live in a world where hackers had the serious likelihood of jailtime for practicing.


hacking isn't evil, its these types go around making a mess for no good reason.
6:34 am on Sept 5, 2011 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:6130
votes: 277


Back on line... but no reports yet...
9:16 am on Sept 5, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 17, 2002
posts:1181
votes: 5


DNS hacked, not the sites themselves.

Serious issue for punters of betfair, or registered (cookie login details saved) users of sites such as dell, ups, telegraph.

Whilst there is no evidence yet that any of the sites were spoofed to garner login details the risk was there.

Note too that many hackers just do this for fun and bragging rights. What they are doing is, ironically, a good thing. They are exposing the weaknesses and flaws with major institutions who should know better.

In cases like this (if it was just a redirect to a defacement page) shows the worst case scenario of what can be done. This group just did the redirect to a defaced site and got their 15 minutes of fame.

Now what if, 2 weeks ago, a rogue group did exactly the same exploit but did not crow about it? What if they redirected users to spoof sites and gathered thousands of login details?
1:21 pm on Sept 5, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member wheel is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 11, 2003
posts:5063
votes: 11


If they put the people who did this in jail for a good long time, then in 2 weeks the next group will think long and hard about redirecting users to a spoof site. Right now there's no deterent.
2:08 pm on Sept 5, 2011 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 27, 2001
posts: 12166
votes: 51


Turkguvenligi managed to hack NetName's DNS servers through a SQL injection attack, which involves putting commands into a web-based form to see if the back-end database responds. If those commands aren't scanned for malicious code, an attacker could gain access to the system.


Turkish Hackers Strike Websites With DNS Hack
[PCWorld.com...]

Zone-H.org
[Zone-H.org...]
3:47 pm on Sept 5, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 30, 2006
posts:1599
votes: 1



If they put the people who did this in jail for a good long time, then in 2 weeks the next group will think long and hard about redirecting users to a spoof site. Right now there's no deterent.


then the DNS spoof bug would never be fixed. I don't like what they do but we don't have to drop the hammer on them as a murder 1 convict. The problem is this new hash of kiddies think that because they are behind a keyboard they think they are invisible and can get away with anything. I find it very odd that they are missing this most basic of steps.

I have never done such things in my past but.....

To catch a thief........



All great security pros lived another life, if they didn't they wouldn't be great. Its the double edged sword.
5:08 pm on Sept 5, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member wheel is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 11, 2003
posts:5063
votes: 11


Yeah, well I'm not big on the argument that criminals and vandals are somehow doing society some sort of service. The damage is still done.

And not all great security pros lived another life, any more than I have to be dead to sell life insurance or cops have to be crooks first. You've got a bunch of ridiculous arguments all in one post.
8:08 pm on Sept 5, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 17, 2002
posts:1181
votes: 5


Would you rather they just ran MITM attacks, or stole login credentials and then covered their tracks?

Because that's what the real thieves are doing.

Script kiddies are finding an insecure lock and just spray painting the walls. They are letting you know that others may have been in there previously, copied all your documents and left without trace.

This is what the antisec movement is about. They are exposing the totally inadequate security which large corporations, governments and military sites are using. They are exposing the security experts (whom are paid millions) as pure snake oil peddlers.

Yes, what the script kiddies are doing is an annoyance. But if your site is ever going to be hacked let it be hacked by someone who has just left a note on your front page and told you about it, rather than a thief in the night who stole your data and you never get to know about it.
9:23 pm on Sept 5, 2011 (gmt 0)

Senior Member from FR 

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 15, 2004
posts:6717
votes: 230


^^^ what he said ..I had a site on a shared hosting package on a server that was hacked about 10 years ago..the experience and the fact that the hackers left their tag..allowed me to follow them to a forum ..where I found them discussing how it was done..

I had trusted my host at the time to have done the job of securing the server properly ..they had not..

I moved host overnight .. taught me a lot ..about people selling hosting packages who have no tech knowledge at all, just a point and click interface..and who allow all kinds of crap on their servers ..with no idea how to protect them ..or who just don't really care ..

Same goes for DNS..

Nowadays..I want people who rent me servers or space who I can phone 24/7/365 ..and who answer the phone with the company name that sold me the space and the bandwidth ..Not some "open a ticket"..send an "email" outsourced support that deals with multiple "hosters"..

A "deface" is "a wake up call"..that a door was left open ..that others may have already been through, in the past, silently ..or might have been able to, in the future, silently, without you ever knowing.
9:28 pm on Sept 5, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member wheel is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 11, 2003
posts:5063
votes: 11


Where I live there's basically no crime. We rarely lock our doors, frequently when we're not even home. I've returned home and found front doors wide open, garage door wide open, and kids playing down the street. I don't lock my car doors in the parking lots at the mall. The neighbor's teenage daughter jogs around the block at 11pm.

It's horrible. You know what would help? Some break and enters. That'd be great, remind us all how poor our security is. Yeah, that'd be wonderful - thanks folks for the lesson. Because they'd be doing us a favor, reminding us to lock our doors and not go out after dark.
9:41 pm on Sept 5, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:July 3, 2002
posts:18903
votes: 0


Not the same comparison at all, because with the internet they can break in from the other side of the world, and while you're in.
9:52 pm on Sept 5, 2011 (gmt 0)

Senior Member from FR 

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 15, 2004
posts:6717
votes: 230


I live in the same kind of place..and do the same kind of things ..and for 15 years living on the Côte d'azur..also didn't lock my doors and on hot nights left them open...and slept...still do here..never lock the doors when we go out..

Have the good fortune to live in places where people care about those around them.

Hosters are a different matter..most are too busy counting the money to care about the service.


as g1smd said ..the two things do not compare..
11:30 pm on Sept 5, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member wheel is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 11, 2003
posts:5063
votes: 11


They compare fine, it illustrates exactly the point. it's the same argument that criminals somehow are doing any kind of service. What hogwash.
12:09 am on Sept 6, 2011 (gmt 0)

Senior Member from FR 

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 15, 2004
posts:6717
votes: 230


Well in that case we should probably just take off and nuke them and their families from orbit ..its the only way to be sure ..

I'll bring the biscuits..you'll bring the ...
12:18 am on Sept 6, 2011 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month

joined:Apr 9, 2011
posts:12693
votes: 244


How 'bout this way.

You leave for a long vacation, and in the excitement of the moment forget to close your back door. By and by a neighbor notices, closes and locks the door. And then leaves on a vacation of his own, overlapping your own absence, or simply forgets all about it.

If they leave a note on your kitchen counter saying "I locked the door on such-and-such date", you are alerted to the possibility of Something Bad having happened before then. If not, you may never know that you left the door open. Until months later, when you look for a special piece of jewelry and find the box empty.

Then again, if the kind neighbor had a warped sense of humor they would lock the door-- but only after rearranging your furniture, adjusting the curtains and putting your pictures upside-down.
2:55 pm on Sept 6, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 30, 2006
posts:1599
votes: 1



And not all great security pros lived another life,


I said great ones, and yes if you don't think like one you'll never be 1 step ahead of one.

wheel you are obviously still pretty ripped over what was done to you in the past.
5:54 pm on Sept 8, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member planet13 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:June 16, 2010
posts:3796
votes: 28


Removed by poster
2:17 am on Sept 9, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Nov 15, 2004
posts: 1867
votes: 0


A registrar hacked through SQL injection -- that is unsettling.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members