Hacking Horror Story…
Joe’s post today was about the importance of backing up your blog, and it’s something which I now realize can never be taken too seriously - only this week another website I write for, Make Use Of, was hacked and the editors blackmailed.
You may read Make Use Of, if you don’t then it’s one of the larger tech blogs dedicated to webware and software reviews and has over 25, 000 daily subscribers.
You hear about hacking stories and security alerts all the time around the internet but you never really expect it to happen to you, however Make Use Of certainly wasn’t taking any risk, I’ll give you the summary of what this hacker did:
A certain Al Ferank of Dubai hacked Aibek, MakeUseOf’s owner and editor’s Gmail account, it’s worth noting that Aibek was using a secure scrambled password of 15 characters, if it’s that easy to gain access to Gmail perhaps their security needs to be looked at.
Within the account he than set up an email filter to forward GoDaddy communications to another email account, using these details he called up GoDaddy directly and identified himself as Aibek, he simply stated the username and password of the account and requested the domain be transferred, this was carried out within the hour.
Viewers of MakeUseOf where suddenly greeted by a static page filled with nothing by paid links and advertisements, editor Mark O’Neil found out via Twitter shortly afterwards and contacted Aibek.
As they where trying to figure out what happened they received a charming email from the man himself:
I said it very simply and very easily !
2 K !
Deal or not ?!
You own the domain I get the money...
Regards
Make Use Of was hacked and the domain stolen within an hour, the process of getting it back took significantly longer:
Aibek contacted NameCheap – the hosting company the domain had been transferred too and they agreed to lock the domain down while they and GoDaddy investigated the situation, although they warned it might take between 20 hours and 3 days. In the end after much back and forthing between Aibek, GoDaddy legal and their PR department the whole process of getting the domain back took about 15 hours, getting MakeUseOf online again took another day or so.
I can actually think of no way this could have been avoided on MakeUseOf’s part, however I definitely think Gmail needs to look at their security measures, obviously a ‘strong’ password isn’t strong enough.
Advertisement
That’s why there is Noscript and Adblock for Firefox. Don’t browse without it!
yes you guys who mentioned the scripts are correct, the hacker didn’t actually get the password just did something with a script to creat a filter for gmail.
I don’t actually know how this stuff works =)
Most likely is that his password was not cracked, but simple XSS was used while he was logged in to Gmail.
See here for an example:
http://www.gnucitizen.org/blog/google-gmail-e-mail-hijack-technique/
I agree with the guy who said its the user – I don’t know the guy personally, but it seems much more likely they managed to plant a trojen on his computer and gained access that way.
I am not saying a gmail hack is impossible here, im sure there are ways, but I just think its a lot more likely they gained access through him.
(Keep in mind, I don’t know him, so I don’t know what he does as far as security).
You are naive.
Aibek obviously run some kind of malware on his personal computer and got infected by a trojan created by the so-called hacker.
Google Bifrost or Poison Ivy for more information about “RATS” (Remote Administration Tools).
It’s called PLR (Point of Least Resistance), and that’s the user in this case, not Gmail.
Hmm I feel this was more than a ‘hack’. Considering all web mail sites have a limited amount of password fails, there maybe something more sinister at play. Then again I don’t use certain items and am uber paranoid.
Oddly enough this sounds almost exactly like a previous hack that was floating around for gmail. However, instead of directly gaining access to a gmail account, a bookmarklet was created that would create a filter in gmail.
In that way, the perpertrator could get around needing to know your gmail password and just hope you clicked it.
As far as I know, that bug was reported fixed a long time ago.
Which is why you should not use web email accounts for domain control. It seems to be much easier to hack a web account than a POP3 account.
Is is really sad that Makeuseof Hacked its one of my favorite sites like this ,a strong password not safe enough in case of Makeuseof then what I have to follow in case of passwords as my site is not famous though to get hacked,but its good to have by applying strong passwords and changing passwords often might help.It will be nice if you article how bloggers should approach so that these kinds of things not happen again.
Was it a Pailn hack? (i.e. If your password was that secure, was it your security question that was the open window?)