Attacker leaves taunting message

Jan 27, 2010 09:31 GMT  ·  By

TechCrunch has been the victim of a cyber-attack for a second time in less than 24 hours. Following the new incident, an offensive and taunting message was left on the front page of the technology blog.

It seems that someone has a personal vendetta against the world's second most popular technology blog and its founder, Michael Arrington. The attacker appears to be particularly bothered by an interstitial ad introduced by the website.

This time around, only the header of the homepage was modified to add a link and a message. "So Arrington, how much did all the media coverage yesterday brought you in trough the welcome.html ad you forced people to? What a [expletive] retarded move was that you [expletive]," the hacker wrote.

The link accompanying the message points to a warez website called DupeDB, which is consistent with the previous attack. The hacker also criticized the media agencies that covered the former incident and presented DupeDB as an adult content distribution site.

A serious threat has also been made, which might suggest that this is not the end. "You should be thanking me [...] for not deleting everyone on the box and publishing the mysql, if that’s what you want O.K, I can do that," the hacker says in his rant.

Following the incident, TechCrunch went offline and a "We'll be back shortly" message was put up on the front page. The website was quickly restored, but users continued to report frequent database and 404 errors.

This is a particularly bad time for TechCrunch to go head-to-head with a determined hacker. Apple is set to unveil a revolutionary tablet device today. Not being able to cover the much anticipated event due to technical problems would cause significant monetary losses for the website, whose revenue is mostly derived from advertising.

There is little official information regarding the technical aspects of both hacks, except for the fact that some kind of exploit was used. Given the unusual header alteration, some people have speculated that an administrative account was compromised or it could be that a vulnerability was exploited to add a shadow account.

Photo Gallery (2 Images)

TechCrunch hacked twice in a day
Hacker leaves angry message on TechCrunch front page
Open gallery