Friday, January 22, 2010

From the "That's Just Not Cool" Department

So it looks like a spammer managed to modify the Hackers for Charity webpage so they could put all their fake drug medication links into it. Hint: view the source code and then scroll down to the very bottom.

This does lead to some interesting observations though:
  1. The person who did this has no idea about the webpage they were hacking. If it was a targeted hit (think ZF0), they probably would have done some visible defacing. If it is someone just looking to make money, there's no way they would knowingly tangle with all the heat that is probably going to be coming their way soon.
  2. Web page security is really hard. Over the last 6 months we've seen a large number of people in the security field have their webpages get hacked. Heck, even the NSA's main webpage was defaced.
  3. What does this say about the white-hat security community? As a member of that community, this drives home the point that humility is important in this line of work.

I expect that the Hackers for Charity webpage will be fixed soon, so if anyone is interested in doing some additional analysis, here are two of the spammer links (they are all pretty much the same). I also have the entire webpage source code available on request. Note: I changed the http to hxxp and the www to aaa to avoid further helping the links advance their Google ranking.
  • hxxp://aaa.oaregion3.org/events/old_files/_vti_cnf/general/buy-acomplia-online-no-prescription.html -- Buy Acomplia Online no Prescription
  • hxxp://aaa.oaregion3.org/events/old_files/_vti_cnf/general/take-acomplia-cheap.html -- Take Acomplia Cheap

Now back to writing the post I was planning to put up here...

1 comment:

Matt Weir said...

Oh, and it looks like the spammer's kit on the other hacked site (a webpage for Overeaters Anonymous) has been taken down.