[Noisebridge-discuss] blog.noisebridge.net got hacked

Andy Isaacson adi at hexapodia.org
Thu Dec 8 22:50:26 UTC 2011


On Thu, Dec 08, 2011 at 01:56:35PM -0800, Jake wrote:
> >> If you're not security conscious and reuse the same password for
> >> everything, I would highly recommend going around and changing your
> >> passwords right now. If you're smart and used a unique password for
> >> this WordPress instance, then you're good.
> 
> So the login for that is not the same as the wiki login?  Or it is?

The www.noisebridge.net wiki is not affected by this compromise.  The
password database is stored and used locally on www.noisebridge.net and
isn't shared with any other systems.

The original notification was from Google; they noticed that the hack
resulted in a redirect to a .ru site which tries to install malware on
end users' machines, and they sent mail to *@noisebridge.net to tell us
about it.

https://www.noisebridge.net/pipermail/rack/2011-December/001249.html

My speculation in that mail about Dreamhost being 0wned turned out to be
unfounded; the dozens of ancient PHP scripts are a much more likely
vector.

I'll work with Rubin to make sure the new host for blog.noisebridge.net
is more securely configured; a fairly small amount of additional effort
would have prevented this compromise.

In the meantime blog.noisebridge.net is redirecting to
www.noisebridge.net (and URLs pointing to blog.noisebridge.net are
currently broken, sorry about that).  At least we're not redirecting our
readers to malware.

-andy


