[EM] wiki emergency: home page hacked (and maybe more)
Rob Lanphier
robla at robla.net
Tue Aug 30 11:38:33 PDT 2005
It's fixed now, and the IP is blocked.
Not sure what the sluggishness you saw was. It was pretty zippy for me.
I wouldn't refer to this as a "hack" (you had me worried for a sec). A
"hack" would be a case where someone circumvented the security measures
in place. Since anyone can edit a wiki, they were doing something they
were permitted to do under the security policy. "Vandalism" or "spam"
are more appropriate descriptions.
Anyway, thanks for the heads-up. I think it's all better now.
Rob
On Tue, 2005-08-30 at 14:05 -0400, Abd ul-Rahman Lomax wrote:
> Well, it has happened.
>
> The electorama wiki home page has been replaced by a list of spam links.
>
> Happened to me within about a week when I started the wiki for
> BeyondPolitics.org. To avoid it, I went to a replacement wiki
> (TikiWiki) that had user security: to write, users must log in and to
> get an account, they must register and respond to a validation email.
> Maybe there is an option with the wiki being used by electorama.
>
> That first time, I checked the access logs and found the source, and
> complained to the ISP. I'm not sure what happened, but they did ask
> for a copy of the log....
>
> I also found the registrar for many of the domains advertised in the
> list. I looked up the registration information and found fraudulent
> phone numbers. I then complained to the registrar and the domain
> registrations were cancelled. That cost them something, I'd venture
> (unless they used fraudulent credit cards, which is unlikely since
> the domains had been registered for some time.)
>
> I tried to restore the page from history, but the site is sluggish or
> non-responsive. One of two things is happening: either the owner is
> fixing it, or the spammer is busy replacing all pages. They use bots
> to find open pages and replace them with spam.
>
> I'm generally opposed to the death penalty, but when it comes to
> genuine spammers....
>
> ----
> Election-methods mailing list - see http://electorama.com/em for list info
More information about the Election-Methods
mailing list