|
|
RIAA website wiped by hackers
Author: Gareth HalfacreePublished: 22nd January 2008
Many pages were replaced with messages reporting the content 'temporarily removed.'
The link was shared between Reddit users and exploited a hole in the SQL database backend used by the site. The attack caused the system to slow to a crawl by putting the database into benchmark mode, generating thousands of pointless MD5 checksums and wasting scads of CPU time.
It seems that at least one Reddit user wasn't satisfied with attempting a denial-of-service type attack on the website of the enemy of music lovers everywhere though, and upped the ante by modifying the SQL injection code to drop the tables containing the website content.
At least, that's what seems to have happened.
The RIAA is keeping tight-lipped about the whole affair, but we do know that the content was completely missing for a large portion of the weekend, as confirmed in the screenshot included with this article. Without any statement available from the RIAA it's impossible to know if the content was removed maliciously by an unknown troublemaker or if it was simply part of the clean-up prompted by discovery of the suddenly process-intensive database server.
Whatever the reason, the RIAA certainly has egg on its face right now. Although the site is now fixed – and the hole plugged – there are plenty of screenshots out there demonstrating that the group lobbying for ever-tighter controls on digital music distribution is seemingly incapable of securing their own servers.
That said, I hope the perpetrators are suitably ashamed. Speaking as a sysadmin myself, I wish a lifetime of Windows ME installs on anyone responsible for waking me up at o-dark-hundred because one of the servers I'm responsible for has gone non-linear. No matter what your opinion of an organisation, malicious attacks are never acceptable.
A bad joke turned ugly, or do you think the RIAA had it coming? Share your thoughts over in the forums.
Related articles on bit-tech.net
Comments (26)
Stats: 0.080 seconds
That's what you get for supporting a jack ass organization with your work.
i like it, i think i'll remember that!
Ontopic: mildly funny, but blatantly pointless
Right, and if it was Hitlers website for Nazi Germany back in the 1940's that was hacked? You're right. Completely unacceptable... And with his website totally not hacked, Hitler would be all, like, totally like,
http://burningfeetman.googlepages.com/dancinghitler.gif
Isn't that a shade harsh? I mean, really, installing 98 with your left nut on camera is less humiliating and demoralising than ME.
Maybe a few years, but not a lifetime, that's damn near murder :(
But it's the RIAA...
WIN!!! :D
anyway, as bad as hacking companies servers and being an a$$hole is, the MPAA had it coming miles off {like media defender) and I'm somewhat surprised it took this long to happen.
I find it hard to feel sorry for the sysadmin in charge of the server.
I know he/she is just trying to make a living, but if its not morally defensible, there's bound to be repercussions. :/
Of course as I'm in the middle of a web programming project right now, this is just another reminder for me to be very aggressive with my clean() function ;)
amen.
ontopic: its far from a bad joke turned worse. i think its a good joke turned better. but thats just me. for god sake, its not like people are dying here... its just a few folks had to woke up in the morning, panic a wee bit, and RIAA got an egg in their face. thats it.
if the hack causes death or any life-harming consequences, then yeah, thats a good joke turned bad.
woohoo!!!!!
The people fight back!
anyway, made me laugh. just wish the attack on them had made some kind of a difference. but, cut one head off, seven more replace it.
I had i great laugh reading this thinking: "yeah, that was strike 1.. wait for strike 2" yes.. they got what they had coming for a long time... and.. still.. this was just like a harmless joke.. apart from some costs it has probably caused...to regain the content etc... nothing "bad" has happend.... besides... now they have a reason to raise prices on CD/DVD Media etc.
lol, they should of turned it into a mock torrent site.
They started out by hammering the server's CPU by passing commands that would take a long time (like calculating the MD5 sum of "asdf" 10,000,000 times.
http://img301.imageshack.us/img301/724/riaaaask8.jpg
At one time, they had the homepage linking to thepiratebay.org. :D lol
Riaa: "Dont cry in front of them. Dont Cry!"
Nope, my version of ME ran flawlessly for years, I thought it was a great little operating system. It was only some time later when reading opinions on it on t'internet did I realise it was supposed to be a bad OS.