Talk about timing. Techcrunch, one of the most popular websites on the Internet with an Alexa rank of 373, was hacked and defaced today.
The timing was incredible because Apple is expected to announce their new tablet tomorrow (Wednesday) and it was certain that Techcrunch would be covering it in detail which would cause possibly millions of visitors to the site.
At first, the defacement contained nothing more than a link to a rapishare download. However, since the original cause had not been determined, the hackers/cybercriminals/defacers had changed the homepage a few times.
Approximately 10 minutes after the first defacement a webpage saying nothing more than, “We’ll be back shortly.” appeared and then a message showing, “What a (f-word) useless hack isn’t it? Bleh” and a link to dupedb.com.
Imagine the potential magnitude of this if instead of a defacement it would have been delivering some new, unfound, malicious payload to every visitor. What if when you tried visiting that site, you saw the infamous, “This site may harm your computer” moniker that Google puts on websites that are considered suspicious?
Surely a site like that wouldn’t be compromised, right? Would you have just switched browsers and gone to the site anyway?
As of this writing, I still haven’t seen any reports on how this happened, but I’ll be following this closely to determine what precautions you may need to take to prevent this from happening to your digital assets.
Many speculations are flying across the Internet. Techcrunch is based on WordPress so many automatically assume it’s a vulnerability there. Others have suspected that since Techcrunch is hosted on Rackspace, who was in the middle of the Aurora attack on Google recently, that it might be remnants of their recent woes.
At this time, nothing is official but I’ll keep watching and let you know what I find…
