I was just over at Darren Rowse’s Problogger leaving a comment, and when I hit send I was redirected to a script-kiddy / hacker page telling me I’d been owned. I didn’t stick around to look more carefully than that.
Now the whole site is broken at the database level (safe mode?).
Anyone know what’s going on?
UPDATE: The b5 guys are on it, main site back but the job boards are “owned” by an alleged political group. Just to clarify, Darren is not hosted with the rest of b5 — he has separate hosting with Rachel Cunliffe and others (who were also partially hit by this hack).
Subscribe to Copyblogger today!
Bookmark and Promote!
Related Articles
Thesis Theme for WordPress
Thesis is a world-class, search engine optimized WordPress theme with an innovative options panel that is perfect for beginners and professionals alike. Learn more about it below:
32 comments... add one
#1 Ted Demopoulos → 08.28.06 at 2:55 pm
I’m getting an error and it looks hacked.
A script (list of commands) is trying to run as root (superuser, administrator) and is being blocked. Someone may be trying to “unhack” it now.
Little known fact: in another life, I’m a computer security guy, for example last week :)
Let’s hope he he gets up and running quickly!
#2 MacStansbury → 08.28.06 at 2:56 pm
Yes.
#3 Brian → 08.28.06 at 2:57 pm Copyblogger
Jeez… I wish I would have taken a screenshot of the taunt page I got when I tried the comment, but that type of stuff tends to scare me off!
#4 Daniel Goldman → 08.28.06 at 3:12 pm
Yup, it seems like he’s been hacked by some anti-Israel group.
#5 Brian → 08.28.06 at 3:46 pm Copyblogger
Where are you getting that from Daniel?
#6 Jim Turner → 08.28.06 at 3:58 pm
I was directed their when Aaron linked to the jobs board. Very weird indeed.
#7 Jim Turner → 08.28.06 at 3:59 pm
Update: Aaron just commented that the site is hacked and he can’t get in to fix it.
#8 Brian → 08.28.06 at 4:03 pm Copyblogger
Do you have a link?
#9 Douglas → 08.28.06 at 4:15 pm
Brian: I can second what Jim said. We are aware of this and we are doing everything in our power to rectify the situation.
#10 Brian → 08.28.06 at 4:20 pm Copyblogger
Well, everything looks back to normal to me at the site.
I’d be interested to hear the story behind this.
Every blogger’s nightmare.
#11 Evan → 08.28.06 at 4:20 pm
It must be something going around today. The designer of Problogger (and Techcrunch) Rachel Cunliffe had her site hacked today. I got a screenshot and apparently some of the pages are still hacked [link].
#12 Aaron Brazell → 08.28.06 at 4:23 pm
I have my guesses but won’t share them here. The jobs board is still hacked. The main site seems to be restored. ProBlogger, though a b5 blog, is still hosted on other servers and so the technical staff can’t really fix that.
#13 Brian → 08.28.06 at 4:26 pm Copyblogger
Evan, that may be due to Darren and Rachel being on the same server.
#14 Jerermy Wright → 08.28.06 at 4:31 pm
As Aaron said, we’re working on this as much as we can. Which isn’t much at this moment, but as soon as Darren’s awake I’m sure Aaron and I will be called in.
#15 Brad Isaac → 08.28.06 at 4:33 pm
Sad when people go out of their way to hurt people who are trying to help others.
#16 » jobs.problogger.net has been hacked! -- Thatedeguy → 08.28.06 at 4:36 pm
[…] Credit to CopyBlogger for being the first to bring it to my attention. Seems that someone who calls himself net_devil has managed to infiltrate the problogger job board and switch the index page out. For the Polite Admins … who sent me Polite MSGs ” Thank you Admin ;p for Giving me your box … to Spread the Truth in the Name of Freedom to the Innocents . For the Impolite Admins … who sent me impolite MSGs Dude , why you’re not talking politely !? … You must be happy and thank me for not deleting all of your files ! … I was polite with my HACKING to your site … I’ve said ” I didn’t delete any of your Files !” Only Changing the Index* … So ! , be polite with me Please … & about what the site is for … I’m not hacking to be a Terrorist !!! .. The Terrorists are the Israelis !!! ” Killing Innocent ( Christians & Muslims ) Children , Women & The Old one ” without any reasons !! … Okay ! dude … So .. My Job is Hacking any site that not having any Security & put my MSG in the name of Freedom to the Innocent People that killed by the Super Terrorists in the Whole World Israel ! ” & Hacking isn’t Killing !!! ” You can delete my Index* & Change it with yours ;p … I was polite with you cuz, I didn’t Delete Your Whole Files S: … So I’m educated enough dude … Don’t teach me What’s wrong & what’s right Like the Biggest terrorist ( Bush !! ) … […]
#17 Brian → 08.28.06 at 4:40 pm Copyblogger
Hey Jeremy… yeah, I knew the time in Australia, and figured he doesn’t even know yet.
#18 footy → 08.28.06 at 4:43 pm
Looks like everything is ok now..anyone got screenshots?
#19 footy → 08.28.06 at 4:49 pm
well..i visited Darren’s other site..and they were indeed hacked..here’s one of them:
http://www.breakingnewsblog.com/printer/
#20 Evan → 08.28.06 at 4:56 pm
Footy, go up to my comment i posted screenshots. Or click on my name.
I tried to contact rachel this morning when it happened but I imagine I have no clue what time it is, where she is. :)
Same server.
#21 Jeremy Wright → 08.28.06 at 5:45 pm
It’s all sites on the server (not our server, for the record). Looks like there still a few items left to restore, but thankfully this hacker was actually pretty nice about everything :)
#22 Jim Turner → 08.28.06 at 5:51 pm
Anyone actually tried to contact this hacker at the address given?
#23 Amrit Hallan → 08.29.06 at 8:52 am
The problem there has been there since Friday. I remember trying to post something and the page getting lost every time in depths of inactivity.
#24 Anon → 08.29.06 at 12:50 pm
How is this even remotely relevant to me learning how to write better copy? Brian, Brian, Brian. You’re way off-topic.
And before anyone disses me — remember, I come here for one, and only one, thing: to learn how to write better copy. I’ll let Brian expound on why that’s important.
#25 Brian → 08.29.06 at 12:59 pm Copyblogger
It’s very relevant to blogging, which is a big part of what this site talks about. I’ve already figured out several security flaws that I corrected myself last night thanks to Darren’s misfortune. But I won’t go off topic enough to explain those to you, since I’m sure better qualified people will be doing that soon.
Sorry you didn’t find it useful, and yet you wasted your precious time to come here and anonymously gripe?
Doesn’t make sense… It’s just so much easier to ignore the post, right?
#26 Anon → 08.29.06 at 1:07 pm
Brian, when you make a mistake, the best thing to do is admit it, not deny it and make it worse. This is clutter in my feed reader. It is NOT easy to ignore. I spend a lot of time and energy trying to find undiluted sources of good information without the fluff. It is a very difficult search these days.
I’m a professional software engineer and a security expert. I don’t need or want your thoughts, or anyone else’s on this blog, on security. I go elsewhere for that, and I get it from highly focused sources that don’t talk about other things. I’m interested in your thoughts on good writing, and I want only that.
I’m staying anonymous for good reason, and of course as a security expert I know there’s no such thing as anonymity on the web, but I trust you to protect my identity here.
#27 Brian → 08.29.06 at 1:16 pm Copyblogger
You’re safe with me, but I think you’re being a bit egocentric.
If I posted a picture of my cat, I’d apologize.
But I wouldn’t do that.
This blog stays on topic much more than most. I think you can cut me some slack here.
#28 Ted Demopoulos → 08.29.06 at 9:07 pm
Then again, one of the foremost security experts in the world, Bruce Schneier, and all around good guy, blogs on squid every Friday on his security blog — go figure?
no one complains - Ok, one confused comment in 8 months
#29 PK → 10.15.06 at 7:19 pm
I see that a lot of sites have been taken over by “net_devil”. I clicked onto a site to get some new backgrounds, and saw islamic propaganda, so I replied. Since then, I have been at verbal war with this extremist. He is starting to wear down, as the insulting emails are shorter and fewer.
On the search engines, i have counted about 45 sites hacked. Some are two liners, and some are full of BS posed pictures, with the larger one playing islamic music way after you leave the site.
This in itself a type of terrorism.
Sorry to use so much space, but I just wanted you all to know, some of us are “Spamming”him. (He left 46 identicle emails one day. I left him125.)
klotzstang@aol.com
PS I only use my other computer to fight this guy………………PK
#30 Greg → 10.22.06 at 12:09 pm
How do you get your site back? He hacked mine as well.
#31 PK → 05.29.07 at 8:45 am
I just cut and pasted his entie website to him, after exchanging several “friendly” emails.
There must have been a virus in his emails, as when I sent them back and he opened them, he cursed me to **** for wiping out his hard drive, saying he was going to put hard hurting on my family. It came from a different IP.
Since then, others have sent his stuff back in an email and he curses thier family and stops the whole thing.
I don’t know how to create or use a virus, but I guess if someone did not block thier own virus, it could affect thier own computer.
By noe, all he does is put a few lines in place of a website, instead of the entire propaganda pages he used to have.
#32 PK → 01.21.08 at 1:28 am
I hope you got your site fixed from what “Net_Devil” did. I got more emails, so I took one and emailed it to myself, then severely altered it to reflect the opposite side of things, changed the names of his co-horts into nonsence, and just messed him up.
I noticed the next week that most of the sites were back to normal. I think he may have got caught. It is a stupid way to “educate” webmasters, as he claimed to be doing. All he did was get people mad.
But he is not active, although I believe he used a different name for a while.
The source could have been hit by the military, but he is gone, no more web-jackings.
Leave a Comment