Your web site not working is a real downer—I know from experience. However, I’ve never had one hacked yet in all the years I’ve had web sites, both my own, non-profit and business sites. Being hacked has got to be worse than being down because not only are not serving your readers, you’re embarrassed and you have to figure out how to clean it up.
Here’s a screen shot (click to enlarge) of the hacked CCP web site, and I would caution folks against visiting a known hacked web site. I visited this one with a special device I use for such things.
When the actual page is viewed “techno punk” music is played and the band of multi-colored text scrolls with shout-outs to other hackers. The style reminds me of Eastern European graphics demo software from the 1980’s. In Unix/Linux notation, “\.KEHED_NEWBIE” would designate a hidden file in the root directory. I doubt that this is an Obot production, but just an opportunistic hacking.
If you Google “I’m sorry Admin Touch” or “KEHED_NEWBIE” you will find of other web sites compromised in a similar way. It looks like this particular attack is directed at sites using the Content Management System (CMS), Joomla. One site noted about Joomla:
It’s probably the only CMS with the most exploits and vulnerable addons ever made, and sometimes I wonder who creates all these.
My guess is that the MCSOCCP site didn’t keep up to date with its security patches.
Previous MCSOCCP web site stories:
Update:
The CCP site is back up.
Other articles on Joomla:
By the way, I see the
MCSO— oops, I meant CCP, site is currently pwned. I don’t know if that includes malware, so gawk at your own risk.Thanks for the tip! I wrote a story 😉
obamaballotchallenge.com seems to have folded up its tents.
7 pm eastern time and it’s back up…..at least from where I sit on the left coast.
Not sure what the point of the website is as I look around for the first time in a while. The last addition appears to be a True News Radio interview with Mike Zullo from June 12th…..of this year.
Pathetic.
It’s back up here. If I read it right, he’s running Version 1.7 of Joomla, which is really old (July, 2011 to exact). The newest version is 3.2.
Any day now…..for that upgrade.
Like everything to do with the Posse it is a charade and a half-assed one at that.
” you will find _ of other web sites compromised in a similar way”
I would guess that the word “hundreds” dropped out by typo.
Yes. George took his ball and is playing here now…
http://constitutionalreset.ning.com/
Updated the Bad list below. Thanks.
I live to serve. 😉
I’m always skeptical of products with exclamation points in their names. Smacks of hubris.