Creative Commons license icon

Flayrah.com Hacked

No votes yet

At some point last night, we were hacked. The hackers appear to have done little other than deface the index file. We're up and running again. Sorry for the downtime.

Comments

Your rating: None

Bah, arguing semantics.

Your rating: None

They have you seeing double as well.

Huzzah.org got hacked twice, and I moved it to a commerical hosting service after the second time. All that happened the first time was about what you describe - the index file was replaced by some group going by the name of "ShitkikerZ"

The second time I was actually logged onto the system when it happened and I got a boadcast message from root (which was supposely only me) calling me an idiot, and the entire file system erased.

After that I went to a windows 2000 server, but subsequently we switched from DSL to a cable modem, lost the fixed IP and they block port 80 so that was the end of that.

Your rating: None

This PHP Nuke site was also hit, but they say more was done. Is a vulnerability in PHP Nuke to blame? How much precaution have you folks taken after the cracking?

Your rating: None

Those crackers might have been able to break into your web site, but they sure can't write JavaScript very well. I checked.

For some reason, they didn't want anyone to be able to right click. I don't know why this was, but anyone with Netscape could just go right ahead and do so.

I could give y'all the JavaScript they used, since I saved it to disk.

Another thing I'd like to know is why they seem to be targeting furries?

Your rating: None

>Another thing I'd like to know is why they seem to be targeting furries?

I am curious what evidence you hold that leads you to believe that furries have been "targeted" just because a Furry-related website was compromised. This is the only attack on any furry-related sites that I am aware of. My employer's Outlook Web Access server was compromised one day. Were we being "targeted?" No. We just had the misfortune of being there and being vulnerable to this particular exploit.

People are opportunists. I would lay twenty-to-one odds that the person who did this just decided to take advantage of a vulnerability ( be it in the server's configuration or the code for the weblog ) to have a little "fun" and just "see if he could do it." I do not think that there was anything particularly personal in this attack. Given the message that was left after the defacement that took place I would say this was a fairly generic attack that was completely impersonal.

Additionally, I would suggest that if you care to offer code or the like up for review (and I am sure your time and effort is quite appreciated by the Flayrah staff) you should probably take it offline and into e-mail with Aureth.

Your rating: None

What happened to your site was the internet equivalent of someone spray painting grafitti on a wall. Be glad you didnt get your whole site wiped out!

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <img> <b> <i> <s> <blockquote> <ul> <ol> <li> <table> <tr> <td> <th> <sub> <sup> <object> <embed> <h1> <h2> <h3> <h4> <h5> <h6> <dl> <dt> <dd> <param> <center> <strong> <q> <cite> <code> <em>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This test is to prevent automated spam submissions.

About the author

Aurethread storiescontact (login required)

an agronomist and Cornwuff from Northern Illinois, interested in sf, homebrewing, photography and running