CNET también está disponible en español.

Ir a español

Don't show this again

Tech Industry

Defaced-site archive is itself defaced

Alldas.de, a well-known Web site that tracks defacements of other sites, gets some firsthand experience when a hacker cuts through its defenses.

LONDON--A well-known Web site that tracks defacements of other sites by hackers such as PoizonB0x was itself defaced Tuesday by a hacker going by the name of ThePike.

Alldas.de is one of a shrinking number of sites that track a growing number of defacements. At the end of May a similar site, Attrition.org, said it would stop tracking Web site defacements because the volunteer staff could no longer keep up with the volume.

The administrators of Alldas.de acknowledged their vulnerability to hackers: "Nothing is 100 percent secure," they said in a statement, "and today we managed to realize that our security wasn't as good as we thought."

The first sign that the site had been compromised appeared Tuesday afternoon when a message showed up saying simply: "Alldas.de got cracked." The message disappeared after a minute or so.

The attacker explained in an e-mail what he did on the server and how, shortly after the administrators had figured it out themselves by going through log files.

According to Alldas.de, the hacker said in his message: "I had no intention to clear your database or to root your server. No attempt to do this has been made." However, the administrators said that while examining their log files, they discovered that the hacker had in fact attempted to gain root, or unlimited, access.

At the end of the message, the hacker said: "To the alldas people: keep up the good work but please don't underestimate the educational role you can play as being an organization loved by script kids. In a few minutes you will receive a mail about how to fix your security. I do not have any intention to cause harm to you."

Staff writer Matt Loney reported from London.