Announcement

Collapse
No announcement yet.

TalkStink Hacked

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • TalkStink Hacked

    Looks like TalkStink has been hit by those semi-notorious Portuguese (Brazilian, maybe?) hackers known as Simiens Crew. Posting here in case the webmaster checks in here first.
    But I'm disturbed! I'm depressed! I'm inadequate! I GOT IT ALL! (George Costanza)
    GrouchyTeacher.com

  • #2
    Re: TalkStink Hacked

    Originally posted by scrivener
    Looks like TalkStink has been hit by those semi-notorious Portuguese (Brazilian, maybe?) hackers known as Simiens Crew. Posting here in case the webmaster checks in here first.
    Oh crap. I had to go look. Now those turkeys have my IP address in their logs. Urg.
    Make trouble, have fun, do good stuffs.

    Comment


    • #3
      Re: TalkStink Hacked



      Yike. I sent Jon an e-mail. I've had sites hacked before... fortunately, most "hackers" are just script kiddies using known vulnerabilities to deface sites - which usually means just overwriting default pages, not destroying content.

      Passing the page through AltaVista's Babelfish translator (Portuguese to English) turns up something resembling existential rambling. "What we lose, we lose. It looks at for front! Still it is time to appreciate the flowers that are entire to ours..." Though of course, much of the "art" could be poor automated transating. At least it beats "U r PWNED by teh hax0rz d00d!"

      Edited to add: Looks like this was probably done using a relatively well-known vulnerability in phpBB forum software (a prime target for hackers). I didn't know TalkStink used it, but in a shared-hosting environment, the hackers could have gone in through some other site and just took out several other domains on the same machine.

      It could have been many other things, of course. Any off-the-shelf software could be targeted, from CMSs to guestbooks to photo galleries (which is how I got hacked). If you play with phpBB, or any software like that, make sure you're up-to-date!
      Last edited by pzarquon; January 28, 2005, 08:45 PM.

      Comment


      • #4
        Re: TalkStink Hacked

        Wow, no IT people to shut down the website? (I took some screenshots; for whoever wants to see, I'll post it later).
        How'd I get so white and nerdy?

        Comment


        • #5
          Re: TalkStink Hacked

          IT people? I'm sure Jon wishes he had a crack team of programmers (and reporters!) on his payroll. Sadly, most of us are one-person web operations. The site will get fixed whenever Jon next logs on. And, of course, he'll just love to discover us all yammering about it.

          I posted a thumbnail of the hack above. The flower image is being pulled from a Brazillian blog site, but I'm pretty sure the author of the blog isn't the hacker -- they're just using his/her bandwidth.

          Comment


          • #6
            Re: TalkStink Hacked

            The funniest thing is those script kiddies use Microsoft Frontpage to render their HTML.
            Oy? Visit these sites why don't you?
            Talk Stink, Hawaii Media News, Rumors, Gossip & LOST.
            WIEblog, Where the whole world watches Wie.
            Hawaii Club Scene, Photos of Hawaii Men and Women out on the Town

            Comment


            • #7
              Re: TalkStink Hacked

              Oh, man. That is hilarious. Did they leave any other interesting fingerprints?

              Edit: If you get a chance to see it before it gets taken down, someone made a cute little modification to the heading: "Simiens Crew Loves Emily Chang."

              Well, of course it does. Who doesn't?
              Last edited by scrivener; January 28, 2005, 09:19 PM.
              But I'm disturbed! I'm depressed! I'm inadequate! I GOT IT ALL! (George Costanza)
              GrouchyTeacher.com

              Comment


              • #8
                Re: TalkStink Hacked

                Originally posted by scrivener
                Oh, man. That is hilarious. Did they leave any other interesting fingerprints?
                I'll see when my host replies to my tech support email. Otherwise I went and changed the subtitle of their page. This is a first for me so I'm just rolling with the punches.

                Damn, scrivener, that was quick.
                Oy? Visit these sites why don't you?
                Talk Stink, Hawaii Media News, Rumors, Gossip & LOST.
                WIEblog, Where the whole world watches Wie.
                Hawaii Club Scene, Photos of Hawaii Men and Women out on the Town

                Comment


                • #9
                  Re: TalkStink Hacked

                  Wow. They got your personal site, too.
                  But I'm disturbed! I'm depressed! I'm inadequate! I GOT IT ALL! (George Costanza)
                  GrouchyTeacher.com

                  Comment


                  • #10
                    Re: TalkStink Hacked

                    Originally posted by scrivener
                    Wow. They got your personal site, too.
                    All the sites on that particular server got hit. That's how I found out about it. Someone on the east coast instant messaged me that his site got hacked too. Turned out we were on the same machine.
                    Oy? Visit these sites why don't you?
                    Talk Stink, Hawaii Media News, Rumors, Gossip & LOST.
                    WIEblog, Where the whole world watches Wie.
                    Hawaii Club Scene, Photos of Hawaii Men and Women out on the Town

                    Comment


                    • #11
                      Re: TalkStink Hacked

                      Wait. That means that it doesn't even matter that I upgraded my phpbb as soon as the update was released if someone else on my server didn't? That sucks. My webhost emailed everyone to tell them of the vulnerability; if everyone else's stuff is vulnerable, too, it seems that a warning like this isn't enough. Would a webhost FORCE an update?
                      But I'm disturbed! I'm depressed! I'm inadequate! I GOT IT ALL! (George Costanza)
                      GrouchyTeacher.com

                      Comment


                      • #12
                        Re: TalkStink Hacked

                        Yes, as I mentioned above, that's what it means. Shared hosting is great and affordable, but one weak link on a machine with 100 websites means all 100 websites could be taken down or defaced. Doesn't matter if it's a political site, a preschool, or a journal.

                        Depending on the severity of the vulnerability and the persistence of successful hacks, a webhost can force updates... or, more than likely, disable the script in question. Sadly, a lot of phpBB hacks and other similar holes are the result of abandoned sites -- someone tried out a script, didn't use it, but left it installed. Five, six fixes later, and that old site is swiss cheese to bored kids.

                        Right now, Movable Type is a hot target, and security fixes have been coming out fairly often. Servers without patched installs have been brought to their knees, so some webhosts have suspended Movable Type scripts specifically or gone ahead and put in the patches, whether or not the clients knew about or wanted them.

                        Comment


                        • #13
                          Re: TalkStink Hacked

                          I just took another look at the site. It only gets worse. Please make it stop!
                          Oy? Visit these sites why don't you?
                          Talk Stink, Hawaii Media News, Rumors, Gossip & LOST.
                          WIEblog, Where the whole world watches Wie.
                          Hawaii Club Scene, Photos of Hawaii Men and Women out on the Town

                          Comment


                          • #14
                            Re: TalkStink Hacked

                            Originally posted by talkstinkDotCom
                            I just took another look at the site. It only gets worse. Please make it stop!
                            Umm... looks like you're the one prolonging it at this point.

                            Comment


                            • #15
                              Re: TalkStink Hacked

                              Originally posted by Palolo Joe
                              Umm... looks like you're the one prolonging it at this point.
                              That's the story of my life.
                              Oy? Visit these sites why don't you?
                              Talk Stink, Hawaii Media News, Rumors, Gossip & LOST.
                              WIEblog, Where the whole world watches Wie.
                              Hawaii Club Scene, Photos of Hawaii Men and Women out on the Town

                              Comment

                              Working...
                              X