Daily Archives: January 26, 2005

We Wuz Hacked!!!

Published by:

Well, it was bound to happen some time, I suppose.

This morning I awoke to a phone call from a friend alerting me to the fact that Jottings had been hacked sometime late last night.

Here are the specifics:

A couple of “l33t h@xx0rs” claiming to be from Iran and calling themselves Th3_Analyz3r and Unknown_3rr0r hacked the MySQL database that drives this site. They placed a message with a photograph of what appears to be a US Soldier pointing a gun at/near a child along with the following message:

WHO DID ALLOW TO THIS RUFFIAN TO DOING THIS???!!!!NOBODY EXCEPT WITHOUT HONOUR MAN: ARIEL SHARON

Ê

THE NUCLEAR ENERGY IS IRANIAN’S INDISPUTABLE RIGHT

THE ISRAEL MUST BE ERADICATED ON THE EARTH

START WAR WITH CRUELTY INSTEAD OF BE IN WAR WITH IRAN

THE REAL ENEMIES OF HUMANITYÊARE ISRAEL AND BUSH

WHEN YOU WANT TO WAKE UP FROM SLEEPING….

Aside from the fractured english they did manage to get a couple of things right. We should be at war against cruelty not Iran/Iraq/etc., and Bush certainly is one of the real enemies of humanity. You’ll get no argument from me there!

Funny thing is, I’m not sure why they would hack a site that is so obviously against this administration’s policies. I’m guessing they didn’t stop and take the time to read any of our content before spray-painting their graffiti on our walls.

Hey guys! Next time, give us a read first. We’re not exactly toeing the party line here!

Big BIG BIG thanks to Petolk and Mustapha for the heads up on the hack. You guys really had my back today and I totally appreciate it. Thank goodness this all went down BEFORE I left town.

UPDATE: It was a PHP worm and my web hosting service tells me they’ve made the necessary changes to block it.

FYI, a ton of sites were hacked with the same dumb message.

Looks like the work of script kiddies to me, and sloppy ones at that. They weren’t very careful about covering their tracks and I was able to trace them back to Iran via the server logs. (Yes, they really were Iranian.) After defacing the site, they went to brag about their exploit on a webpage that tracks hacked sites, but by the time their entry was received, I had already patched up my site.