TechCrunch defaced by 'useless' hack
by Steve Ragan - Jan 26 2010, 09:17
Update: As of 0500 (EST) the site is back online.
Update 2: Andy Brett noted in a brief article that: “At this point we’re still gathering information on how the site was compromised...” Full article can be viewed here.
Original Article: Early Tuesday morning on the East Coast, popular tech blog TechCrunch was defaced and shortly after taken offline while its security issues were resolved. At the time of this post, the site has remained offline for almost four hours.
The Tech Herald has emailed TechCrunch’s webmaster address for more information on the matter, but it might be a while before there is any official explanation for the defacement. However, TechCrunch is a high-profile site, so this security incident is going to grab a good deal of attention, which means you can expect to hear from the online outfit sooner rather than later.
Once the defacement was removed, the site resumed operations with a single message to visitors, which was displayed no matter how you linked to the site:
“Earlier tonight techcrunch.com was compromised by a security exploit. We're working to identify the exploit and will bring the site back online shortly.”
The defacement message itself, as seen uncensored in the image below, calls the hack “useless” and points to a Warez site operating out of France.

A post on Praetorian Prefect noted that, while there is no solid explanation as to how the defacement was executed, this isn’t a case of DNS redirection as seen in recent attacks on Baidu and Twitter.
The one possible attack vector comes from WordPress, the popular blogging platform that powers TechCrunch. TechCrunch runs several modified WordPress applications, so those could be the source of the trouble.
At the same time, it’s too soon to tell at this stage. We'll keep the story updated accordingly.
Inline image from Praetorian Prefect
