14 DAY TRIAL // The popular technology blog TechCrunch was hit by hackers yesterday evening, resulting in a downtime of several hours. The website's home page was altered to only display a link to illegal content.
TechCrunch.com is a technology blog founded in 2005, which has grown to become one of the major sources of technology news on the Internet. According to Alexa, the website currently has a global traffic ranking of 373 and a 216 one in the United States.
The problems began for TechCrunch at around 10:30 pm PST on Monday when unknown hackers modified its home page to only display the word "hi." The page was later changed to read "We'll be back shortly," suggesting that webmasters regained control of the website.
After a while, the site was hacked again and a link called "rapidshare downloads" appeared on the home page. The link actually pointed to DupeDB, a known warez website and was subsequently replaced by a "We'll be back soon" message.
Hackers took over TechCrunch for a third time and left one offensive message accompanied by a link to the illegal content distribution site mentioned before. A final message from staff after this attack was also repelled, saying "Earlier tonight techcrunch.com was compromised by a security exploit. We're working to identify the exploit and will bring the site back online shortly."
Specific technical details regarding the incident are lacking, but a DNS hijacking attack similar to those experienced by Twitter and Baidu is out of the question. According to some sources cited by Praetorian Prefect, TechCrunch was using WordPress 2.8.4 at the time of the incident and 2.9.1 after. This apparent platform upgrade suggests that a WordPress vulnerability might have been exploited.
"Either way we expect TechCrunch, who has provided extensive coverage of other site compromises, to be just as up front in analyzing how their own site was cracked," security researchers from Praetorian Security Group, write. "At this point we’re still gathering information on how the site was compromised, and will update this post with additional information," an official statement from TechCrunch reads at the moment.
Update: TechCrunch was hacked yet again. Read the full story here.
