Website for computer security experts hacked First Forensic Forum - a UK based association of computer security professionals - has been hacked. F3.org's website was defaced (screen shot here) with a message poking fun at the association of computer forensic experts. The timing of the defacement on Thursday was fortuitous (or well planned) since the organisation is …
Secure your Web site; then deliberately open a single page to certain exploits, and wait to see which flies blunder into your Web...
Defacing a security firm's site is about as smart as vandalizing a panda car in the local cop shop's garage. Too bad we'll never be told the juicy details of what happens to the rather stupid vandal who did this.
In other news, DARPA is consulting with Paris Hilton to learn what technology she uses to make her panties disappear...
going by the fact that 90% of my work is cleaning up after a so-colled {and billed} security experts. supposed work
i would guess that the people running the site were employing those of the same calibre
or more likely hosting with a company that ill-secures its servers
the fixed by frontpage page kinda re-enforces that for me. a security expert that can't knock up some html unaided{or at least clean the frontpage crap out after} is hardly much use at spotting a subtily hacked site {malicious code insertion} for their clients
let alone securing or auditing the system/network it runs on
A real honeypot would hide the actual site, so that only the defacer would see the defacement. If this was at least a halfway-decent org, the hard drive would have been pulled for forensics already, with a restored site up already.
It might be as smart as vandalizing a panda car, but if days pass and the panda car's not only still gang-tagged, but being driven about like such, what does it say about the cops?
Infantile scriptkiddies noisily defacing unimportant sites are not a worry - nothing to see here, please move along.
Criminals from eastern Europe or the far east infiltrating (or convincingly spoofing) Amazon or PayPal then siphoning my bank account *are* a worry. Those baddies aren't 15-year-old Chinese or Californians and they don't gob off with grafitti.
Incidentally, Morley, I don't think it was a honeypot situation. And I doubt if Hilton's ever worn knickers - a bit of a downer for avid sniffers.
Looks to me like the F3 website uses Xoops opensource content management system, which is understandable for non-profit organisations since these CMS provide great functionality for free.
However one of the drawbacks of opensource systems like this are script injection vulnerabilities etc that are posted on underground websites and then used by low-level hackers (the infamous "script kiddies") who are often just trying to boost their ratings on a hacker website like www.zone-h.org. Interesting that that site is built with Joomla!!
I had an e107 site hacked in this way last year, "elhackerone" even kindly renamed the index page "indexold" before replacing it :-) I sent him an email and he told me which exploit he'd used so I could patch it. Took all of 30 seconds to sort it out.
So it wasn't really the admins or hosts fault, unless the Xoops version was very old - it is more accurately the price you pay for using "free" software...
These guys are specialists at dealing with the unpleasantnesses of locking up pedophiles, not securing web servers.
We should be feeling sorry for people who whist making the web a nicer place for the population as a whole get harassed by some script-kiddie who can't construct a decent sentence.
However, as some of the members of F3 include pretty much every UK police force, he better have made sure that he/she cleaned up after him/herself pretty well !
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
