“If some of you thought mIRC Resources had a somewhat peculiar decoration earlier today, you were right” the webmaster of mIRC-Egg.net reports on his site.
The website was defaced and showed a nazi symbol. We asked webmaster Bop how the defacement took place. “The actual defacement utilized a lacking input checking in the backend application for the site, PostNuke. This weakness has been exploited in the popular forum application phpBB previously (as a side note, we do not use for any part of the site).”
“A more thorough scan of the access log file shows a large number of similarly formatted GET strings during the days leading up to the defacement, and there have been attempts since as well, suggesting that any affected site should take steps to close down some of the holes.”
Bop also hinted to close the site, too “not waste time on this kinda nonsense.” We asked Bop if he would seriously consider doing so. “As far as shutting down the site, that’s something that inevitably becomes an issue from time to time if you spend enough effort on it without achieving whatever you’re trying to achieve at the moment. [...] Certainly I have no intent of doing so due to mere defacements, as these are nuisances more than actual problems.”
“And of course, on the flipside, I really should have updated the backend code long since, but there it is. It is all too easy to forget that IRC at the end of the day, for most of us still is a hobby, and lest we make it more, it should not have more impact on us than that, either.”