Oct 16, 2010 09:28 GMT  ·  By

Experts claims the defacement of copyprotected.com was achieved through SQL injection, while other reports suggest the UK Conservative Party website might be next.

Members of the notorious Anonymous collective hacked MPAA's copyprotected.com website yesterday and placed The Pirate Bay logo and the group's Operation Payback manifesto on its home page.

According to various reports, the attack involved unauthorized changes being made to the name server (NS) records of the domain, which resulted in traffic being redirected to an IP controlled by hackers.

In such attacks domain registrar employees are usually tricked into handing out control over the domain to impersonators. This method was previously used to hijack CheckFree.com, Comcast.net, Twitter.com or Baidu.com.

However, Sean-Paul Correll of Panda Security, doesn't agree with the "DNS cache poisoning" theory. According to him, the attack vector was SQL injection.

"The original researcher assumed that the host of the hijacked site was not affiliated with the MPAA website,  but we can see that the reported IP is hosting other MPAA related websites [cptwg.org, filmratings.com]," the researcher writes.

Correll even points out exactly where the exploited SQL injection weakness was located and calls the flaw "rudimentary."

Meanwhile, The Register reports that there's been talk around 4chan – one of the Anonymous gathering places – of an SQLi vulnerability on the website of the UK Conservative Party.

The 4chan thread, which has since been removed, even mentioned a successful compromise of the site and contained fragments of alleged internal logs. However, the attack was not confirmed.

So far, Anonymous' Operation Payback campaign, focused on launching distributed denial of service (DDoS) attacks against copyright-lobbying organizations.

These recent events might suggest a change in the group's modus operandi. Defacements are certainly more embarrassing for the victims and since they are usually a result of server compromise, they can serious effects.

The ACS:Law email leak, which put the organization in hot water, is a good example of what can happen when ill-intentioned individuals get access to hidden content on a Web server.