All about Microblogging
Category Archives: Hack
Popular hacking group Web-Bashers says that it has plans to launch a hack attack on the somewhat popular social network Shoutitout on Monday.
The group published a video to Youtube under the account siobashers, there are no other videos on this account at this time. They also made a Shoutitout account @operationobliteration, but that account has since been removed from Shoutitout.
We reached out to Shoutitout for comment but they are yet to respond, Net-Bashers is yet to say why they plan on hacking into, and keeping Shoutitout down for 5 days but they do indeed plan to and they are a dangerous group that has had large successes taking down sites of all sizes.
Shoutitout would be this hacking groups largest, most well known attack so allot is riding on this for the hacking group as well. We will see how things go and keep our eyes on Shoutitout at 1am eastern time on Monday.
Here is the video:
Shoutitout said on its status blog that it had contacted Blogger on the issue and were working on restoring it. The blog has to have an associated email with it which according to our sources what had been hacked, so this was actually a Google account that was hacked. The password to this account has been changed and secured to ensure that the issue doesn’t happen again, according to Shoutitout.
The blog went down at an unknown time but the Blogger staff and Shoutitout quickly got the account back and restored the blog and its contents.
Blogger is also been changed to Google Blogs soon, which was leaked today.
WordPress.org is going to force users/already has forced users to change their passwords after several popular plugins were hacked.
Earlier today the WordPress team noticed suspicious commits to several popular plugins containing cleverly disguised backdoors.
Said WordPress in this blog post.
We determined the commits were not from the authors, rolled them back, pushed updates to the plugins, and shut down access to the plugin repository while we looked for anything else unsavory.
According to WordPress the plugins hacked were AddThis, WPTouch, and W3 Total Cache, however there are over 15,000 WordPress plugins so more may have been compromised.
To ensure safety Wordpress is force resetting all passwords on sites that use WordPress.org, the PHP script you install into your own hosting service. This does not effect us as WordPress.com was not hit this time, unlike back in April.
Reports came up this week saying that yFrog’s email-to-upload feature had been compromised, which could have lead to Rep. Anthony Weiner’s “hack” in which a lwed photo was sent from his Twitter account to a Seattle College student. Yfrog has released a statement about this feature which it had impermanently suspended.
The congressman has denied he posted the photo which shows a clothed crotch shot of an unidentified man. He blames hackers but has not outright denied it is or isn’t a picture of him.
“The Daily Dot” recently pointed out that yFrog allows users to upload photos via email from any email address without a confirmation, which means if someone were to have assess to the email address of Weiner or were to have the means to figure it out, they could upload a photo to it and it would be published to his yfrog account and sent to his Twitter feed.
yFrog recently suspended this feature, a recent blog post reminds users of proper pin privacy practices and also states:
At Yfrog, we constantly evaluate our internal security mechanisms across all the facets of our service. Even though our email upload feature has not been compromised or broken into, we are taking this opportunity to evaluate the feature and secure it even further.
The translation of that, if we heard it right, seems to be that yFrog is saying it wasn’t responsible for the “hack” of Weiner’s account. The congressman has stated that his office is conducting an investigation using an outside firm to discover the origin of the picture.
Well, as you know we love cover web wars. Here is another ojn. Today the hack group Anonymous took down, Paypals blog, M
aster c Master cards site, visa.com, Sarah Palins site (Gotta love that one), and the Swiss banks site as well as some others. DataCell has also just announced it plans to sue Master card and Visa over the canceling of there links to Wikileaks. The Twitter and Facebook accounts related to the hack group were both suspend (the Twitter account has been re created). The Twitter account has also threated Twitter with a DDOS attack if another accoun
t is suspended. If Twitter and or Facebook go down the most likely source of information will be Shoutitout, which we will constantly be on for the next few hours as this unfolds. (Visa.com has reported being down but it is still up for us.)
A few days ago a hack movement started on 4ch
an were used vowed to hack tumblr using a DDOS attack. Well, 4chan is currently down and tumblr could be behind it. The DDOS attack was supposed to take place at around the same time 4chan went down. Tumblr users had been planning a counter attack which may have b
een what happened here. Tumblr is reportedly having some issues but nothing major, meanwhile the 4chan boards are back up but are under attack by tumblr users. We will keep you updated.
[Update]: Tumblr founder David Karp:
As always, we’re aggressively suspending any accounts encouraging DoS attacks or other illegal behavior.
[Update 2]: 4chan is currently trending on Twitter, mostly negative.
[Update 3]: As far as we can tell from tweets, and actually visiting the site both sites are still having problems. We think that 4chan has launched a counter, counter attack.
[Update] The bug is reportedly been fixed.
As you know or are about to find out Twitter had a security problem this morning called the “onMouseOver” bug. In an official update Twitter explained the problem and what the attack was exactly. The hack was using some cross scripting malicious sites could redirect random users to there malformed sites and tweet likes to them as well. This attack we extremely nasty because simply hover over a link could infect you. Twitter says they had found the hole and patched it up but recent launches (not the “new Twitter”) caused the problem to come up again. Twitter says they were notified about the security problem at 2:54AM Pacific time and fixed the problem by 7:00AM. They also said most of it was for promotion and not malware but you still might want to run a security check on your computer, just to be on the safe side. No account information was compromised in the attack. This just goes to show ANY site big or small can be hacked.