
Prominent tech blog TechCrunch hacked

January 27, 2010

A leading technology blog, TechCrunch, was temporarily commandeered by a hacker who managed to place a message that linked to a site offering adult material.

While the blog was knocked out of commission for a while, it apparently has not been infected with malware, Graham Cluley, senior technology consultant at Sophos, told SCMagazineUS.com on Wednesday.

The takedown of the main site in the TechCrunch Network – techcrunch.com – began at approximately 10:30 p.m. PST on Monday evening. The site's administrators managed to get the site back up for a time, but then at 11:30 p.m. it went down again. By 2:00 a.m., the site was restored and as of this writing is back up. A note on the site stated that the webmasters are investigating how the hack happened and they promise to post additional information.

"That this should occur right before today of all days, when Saint Steven comes down from the mountaintop with the tablets [referring to today's expected announcement from Apple CEO Steve Jobs of the introduction of a tablet device], it's highly embarrassing," Cluley said. "This is a lesson for all of us. Sites need to be secured."

What may have exacerbated the web intrusion was that, after the initial hack, TechCrunch founder Michael Arrington, reportedly in Switzerland for the World Economic Forum, made what Cluley said were glib comments, joking via Twitter that the attack was likely the result of Chinese or Canadian hackers. But the joke rebounded when the hacker returned a second time, this time annoyed at the site instituting a new ad system that included interstitial ads, which appear temporarily but sit on top of content. The hacker made some expletive-laced comments about it, Cluley said, illustrating that this was a targeted attack.

The silver lining is that the hack was apparently more a prank than motivated by profit, Cluley said. "It could have been much worse. This is just childish graffiti. He could have planted malicious code that would infect anyone going to the site."

What remains unanswered, however, is which vulnerability was exploited. To defend against these sorts of attacks, Cluley said that, generally, webmasters need to look at all the software on the server and make sure it is patched and fully updated. The second part of the equation is that all code must be written well enough that hackers can't inject their own code.

"Code needs to be written securely," Cluley said. "Being as how TechCrunch is one of the most popular tech sites, you'd expect them to have some decent web coders."

But other site owners shouldn't get too complacent just because their sites have not yet been attacked, Cluley added. "People will be talking about this hack for years."

