Page 1 of 1

ars technica Temporarily Defaced

PostPosted: Mon Dec 15, 2014 4:02 pm
by sunnyd
Readers attempting to reach ars technica were greeted with this message earlier as their site was temporarily hacked...

Image


A quick check of the @nidohax Twitter account showed this...

Image
(Note the email address ending in .ru)


ars Twitter feed stated this...

Image

ars technica is back up now. I'll update with any news from ars if/when available. This hack does appear similar to the Syrian Electronic Army hacks that happened earlier this year.

Re: ars technica Temporarily Defaced

PostPosted: Tue Dec 16, 2014 6:43 am
by HouseCrowd
I reckon they must've got in through an Ars-hole

Re: ars technica Temporarily Defaced

PostPosted: Tue Dec 16, 2014 10:27 am
by sunnyd
Lol, HC. I wonder how many times they were/will be kidded about similar phrases such as that.

The Twitter feed for #metapawd was interesting yesterday, and the artist for the music playing on their site (during the hack) was getting blamed too, mostly in jest though.

Hacking is just a lousy thing to deal with for anyone, or any site. Fortunately ars recovered fairly quickly.

Re: ars technica Temporarily Defaced

PostPosted: Tue Dec 16, 2014 9:08 pm
by sunnyd
Here's the report from ars technica...

Ars Was Briefly Hacked Yesterday; Here’s What We Know

http://arstechnica.com/staff/2014/12/ar ... t-we-know/

At 20:00 CT on December 14, an Internet intruder gained access to one of the Ars Web servers and spent the next hour attempting to get from the Web server to a more central machine. At 20:52, the attempt was successful thanks to information gleaned from a poorly located backup file. The next day, at 14:13, the hacker returned to the central server and replaced the main Ars webpage with a defacement page that streamed a song from the band Dual Core. That song, "All the Things," features the chorus:
Drink all the booze,
hack all the things!

The hacker didn't have long to drink all the booze and hack all the things, fortunately; by 14:29, our technical team had removed the defaced page and restored normal Ars operations. We spent the afternoon changing all internal passwords and certificates and hardening server security even further.

Log files show the hacker's movements through our servers and suggest that he or she had the opportunity to copy the user database. This database contains no payment information on Ars subscribers, but it does contain user e-mail addresses and passwords. Those passwords, however, are stored in hashed form (using 2,048 iterations of the MD5 algorithm and salted with a random series of characters).

Re: ars technica Temporarily Defaced

PostPosted: Fri May 06, 2016 4:21 am
by Urassaya
Я не знаю

Re: ars technica Temporarily Defaced

PostPosted: Fri Jul 12, 2019 3:57 am
by Prajwal Kale
Thank you for the information.