Xojo Conferences
MBSSep2018MunichDE
XDCMay2019MiamiUSA

Help system hacked? (Real Studio network user group Mailinglist archive)

Back to the thread list
Previous thread: RegEx mystery
Next thread: Extracting Text From a PDF FIle?


No UTF32?   -   Rubber Chicken Software Co.
  Help system hacked?   -   Greg Olson-Hyde
   Re: Help system hacked?   -   Franklin
   Re: Help system hacked?   -   Thom McGrath
   Re: Help system hacked?   -   Greg Olson-Hyde
   Re: Help system hacked?   -   Thom McGrath
    Re: Help system hacked?   -   RPEHLM

Help system hacked?
Date: 25.09.11 09:42 (Sun, 25 Sep 2011 18:42:50 +1000)
From: Greg Olson-Hyde
I just tried to use the on-line help system and got the message that it had been hacked - why would they bother?

Greg
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>

Search the archives:
<http://support.realsoftware.com/listarchives/lists.html>

Re: Help system hacked?
Date: 27.09.11 05:18 (Mon, 26 Sep 2011 21:18:01 -0700)
From: Franklin

On Sep 25, 2011, at 1:42 AM, Greg Olson-Hyde wrote:

> I just tried to use the on-line help system and got the message that it had been hacked - why would they bother?

Most likely? For money.

The majority of the Web site hacking that I see these days is done with automated tools. The prolific hackers don't target specific Web sites, and they may not even know what site in particular they're after. Instead, they target any site that's vulnerable, often for the same reason that they target home PCs...for the purpose of making money.

Hacked Web sites, no matter how small or obscure, are worth $$$, either directly or indirectly.

Some of the direct ways to make money from hacked Web sites include installing hostile JavaScript or Java applets on the site which try to download malware onto visitor's computers, installing bank or PayPal phish pages on the site, installing spam command and control software on the site, installing spam mail relays on the site, or installing botnet command and control software on the site.

Some of the indirect ways to make money from hacked Web sites include installing redirectors on the site that lead to phish pages or malware droppers (hackers will often use two, three, or more redirectors to obscure the chain, knowing that it will take longer for hosting abuse teams to shut down the payload phish page or malware dropper), hosting files on the hacked site which are used to boost the page rank of malware droppers, or hosting illegal content of other sorts on the site.

On top of that, many sites are hosted on shared servers. If the shared server or other Web sites on the server are badly configured, then the hacked site can be a gateway to taking control of the entire shared server and all the other sites hosted on it.

No site, no matter how tiny or obscure, is safe from being hacked. Any Web site--*any* Web site--has value to hackers. This is something I emphasize to my clients all the time.
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>

Search the archives:
<http://support.realsoftware.com/listarchives/lists.html>

Re: Help system hacked?
Date: 27.09.11 06:56 (Tue, 27 Sep 2011 01:56:32 -0400)
From: Thom McGrath
In this case, it really was disruption / bragging rights. No malware, no redirects, no ads, nothing like that. Nor was it a random automated attack, the hacker went after our hosting company specifically. He found a vulnerability in the company's control software. It looks like he was mostly after credibility as a hacker, though after targeting Google, not sure why he'd feel it necessary to go after our host.

Re: Help system hacked?
Date: 25.09.11 11:34 (Sun, 25 Sep 2011 20:34:38 +1000)
From: Greg Olson-Hyde

On 25 Sep 2011, at 19:16, Thom McGrath wrote:

> I didn't notice anything wrong at docs.realsoftware.com though, what did you see?

I accessed it through the Help menu in 2011r3 - Seems OK now.

I saw a black screed with the word 'Hacked' on it, I then exited quickly.

_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>

Search the archives:
<http://support.realsoftware.com/listarchives/lists.html>

Re: Help system hacked?
Date: 25.09.11 10:16 (Sun, 25 Sep 2011 05:16:34 -0400)
From: Thom McGrath
We weren't specifically the targets, they went after our hosting company, since our host has access to all our servers, went after their clients as well. I've already cleaned up our server and locked our host out until they get the problem taken care of. I didn't notice anything wrong at docs.realsoftware.com though, what did you see?

Re: Help system hacked?
Date: 25.09.11 11:06 (Sun, 25 Sep 2011 12:06:43 +0200)
From: RPEHLM
Looks OK to me.

Robin

On 25/09/2011 11:16, Thom McGrath wrote:
> We weren't specifically the targets, they went after our hosting company, since our host has access to all our servers, went after their clients as well. I've already cleaned up our server and locked our host out until they get the problem taken care of. I didn't notice anything wrong at docs.realsoftware.com though, what did you see?
>
> --
> Thom McGrath - @tekcor
> Web Framework Architect, Real Software, Inc.
>

_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>

Search the archives:
<http://support.realsoftware.com/listarchives/lists.html>