TechCrunch Hacked Again! Hackers Find Security Exploit

By 27-01-2010   BloggingSecurity

TechCrunch hacked! Its unbelivable but true. As I visited the top tech blog, I found the entire TechCrunch.com site is offline and this notice is posted

A lot of blogs were buzzing and found different screenshots. Inqusitr says as of 10:20pm PDT Monday (Jan 25) TechCrunch was offline with a message that simply stated “hi” on its main page.

techcrunch hacked

Technologizer says they found this bad worded message posted

techcrunch hacked

Techie-Buzz found a rapidshare download link onsite

techcrunch hacked

Its seems the secuity exploit which enabled hackers to take Techcrunch offline and post spam messages and links is not yet identified as TC continues to be offline.

Techcruch is powered by WordPress (like us) and they must surely be runing the latest WordPress version. Are you still running an older WordPress version, upgrade now as everyone knows your wordpress version. Here are some 3 WordPress security tips I learnt from Matt Cutts and some top WordPress security plugins you need to check out.

This clearly exposed the vulnerability of top blogs to online threats and yet unfound security exploits. Its is very essential to keep backups of your blog. TechCrunch has the best of tech support, security experts and network engineers, if they can get hacked, any blog can get hacked…

Update: It seems Techcrunch got hacked again and the hacker was annoyed with the interstitial ad. So was WordPress the cause? I read this comment by Mark Jacquith and am now more wary of using unsecure WordPress plugins.

They probably didn’t get “onto the server” in terms of getting shell access. More likely is an insecure plugin that allows PHP injection. Their wp-admin is HTTP Auth protected, so it’s unlikely that someone did this with a WordPress account. They’d have to know the HTTP Auth user/pass as well.

 

7 comments on “TechCrunch Hacked Again! Hackers Find Security Exploit

  1. Arun Basil Lal says:

    Some pages are still down. It should take a while to bring all back up I guess. TC is so big.

  2. WhizGremlin says:

    Wouldn’t you think ppl would have better things to be doing, whats the point of it all, so what they’ll put it back up, they had a nerdy giggle for 2 seconds wow!

  3. Debajyoti Das says:

    This clearly shows us that WordPress has Security Issues.. I have seen many top blogs going down…
    And now Techcrunch…. !!

    No matter how one tries to secure his folders etc on his wordpress host … experianced hackers always find ways of accessing the database….

    Lets hope Something will be done…

  4. Jimmy Burnett says:

    TechCrunch getting hacked isn’t really big news. In fact websites getting hacked is so common now everyone is used to it. You just expect to get hacked… :-)

  5. Bina says:

    I was just looking around for ways to hack proof my site and I find this? Despaired would be an understatement.

  6. debu says:

    damn! these people are so intelligent
    are there any active hackers group in India. if yes then what are they and what they do. they are good or bad guy

  7. james says:

    Wouldn’t you think ppl would have better things to be doing, whats the point of it all, so what they’ll put it back up, they had a nerdy giggle for 2 seconds wow!

Leave a Reply

Your email address will not be published. Required fields are marked *

css.php