Posted Wednesday 18th June 2008 16:01 GMT
If they stole the domain name, that means the users' browsers would be submitting their cookies to the attacker's server. That means that anything stored in the user's cookie (for example, session IDs) could be compromised, just not their stored data.
Posted Wednesday 18th June 2008 21:06 GMT
Exactly what I was thinking. Some sites go so far as to simply hash the username and password (I like to think a big site like Photobucket's smarter than this) into a cookie and just compare the hash every so often..
The fun part of that is that there's not really a way to tell for sure if cookiedata was taken until you get a copy of the source for the replacement page or what have you..
Posted Wednesday 18th June 2008 23:52 GMT
"No personal information? "
You beat me to the punch there,
And i thought i was a n00b,
who employs these people?
Posted Thursday 19th June 2008 10:25 GMT
You do realise El Reg includes such comments about "No personal information being stolen etc" are only included for our amusement.
Posted Thursday 19th June 2008 10:25 GMT
Before our Turkish friend is extridited to the USA to face criminal charges ?
Posted Thursday 19th June 2008 14:23 GMT
I have been getting atspace.com when I request photobucket.com since Wed. June 18 about 4 a.m. PDT. It's now Thurs, 7 a.m. Before that, the same thing occurred from Tues. 2 p.m. to Wed. 2 a.m. Whatever they're doing is taking far longer than a few hours. My ISP is Comcast; I'm in Oakland, California.
Posted Thursday 19th June 2008 14:48 GMT
..that the phrase "Pushti pezevenk" was in the message somewhere?
Sign up, sign up for The Register's weekly IT security newsletter - click here
Back to the article
