Comment spam isn't the only thing that bloggers need to worry about. Apparently a bug in a popular log file analysis program has been exploited by attackers, who were then able to deface a popular blog and other Web sites.
Blogger Jeremy Zawodny reported on his blog late Tuesday that his primary server had been hacked.
Blogger Russell Beattie also noted the results of discovering a break-in on his blog.
The attackers of the Zawodny site also submitted their defacement to a site that tracks such exploits. In this case, "Infecktion Group" claimed credit and posted screenshots of the defacements across four different subdomains attached to Zawodny.com (including family, twiki, textfiles, debian and Jeremy.zawodny.com). The defacement included a picture of a crying child with the caption, "This is my protest, this is my scream...you cannot close your eyes. The world have big problems and you wanna be more one?" [sic]
Yahoo Finance Hacked & Defaced [SearchEngineWatch]::
Jul 31, 2006 They have mirrored the defacement here and here. You are here: SEW Home › SEW Blog › Yahoo: Finance › Yahoo Finance Hacked & Defaced
http://blog.searchenginewatch.com/blog/060731-101924HOME |
newyorkshitty.com » Blog Archive » Meanpoint Photo du Jour: Noble ::
Jun 23, 2008 newyorkshitty.com, Greenpoint Dog Log Blog: One Woman’s Crusade We definitely expected it to be defaced over the weeks it was up,
http://www.newyorkshitty.com/?p=5490HOME |
Over the last three days the same group has reported over 400 such defacements, though it is unclear how many are blogs and whether the same attack vector was utilized. In the Zawodny.com case, the attackers were apparently able to comprise the system by exploiting the AWstats Web log file analysis system used on his server.
BlogNetNews.com » Oregon » FURIOUS nads! » Still Defaced::
BlogNetNews human aggregation brings together the best of state, local and topic-focused blogs with the latest posts, powerful local search and tools for
http://www.blognetnews.com/Oregon/feed.php?channel=94&iid=48176&order=kHOME |
defaced: Blogs, Photos, Videos and more on Technorati::
Defaced By Eblis-248 Digital Security Team Visit the Technorati blog directory and browse through blogs from many popular categories.
http://charts.technorati.com/blogs/tag/defacedHOME |
The exploit is known as the "AWStats 'configdir' Remote Command Execution Exploit" and was publicly disclosed on January 17th, by security firm iDefense. According to the iDefense advisory, remote exploitation of an input validation vulnerability in AWStats allows attackers to execute arbitrary commands under the privileges of the Web server. Once exploited, the remote attacker can execute arbitrary commands, as evidenced by the defacement perpetrated by the hacker group.
The AWstats project released version 6.3 on January 28th, which apparently fixed the flaw, though previous versions are all still at risk.
 Red Hat and Meetup.com Cross Roads
 Microsoft Developers, Meet Salesforce.com |
Popular Blog Defaced