Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Somebody from the left has hacked CYNDISLIST.COM
CYNDISLIST.COM (Genealogy) ^ | 2/4/05 | Unknown

Posted on 02/03/2005 9:44:30 PM PST by FUMETTI

Hey genealogy lovers:

The far left foreign loonies with a bad translator have hacked a non-political site, CYNDISLIST.COM...a genealogy site.

What is this world coming to when a site for genealogy lovers needs to be defaced?


TOPICS: News/Current Events
KEYWORDS: badguys; crackers; cybercrimes; cybersecurity; genealogy; hack; hacked; hacker; hackers; internetsecurity; linux; spanglish; wacko
Navigation: use the links below to view more comments.
first 1-2021-37 next last
This is what the kooks spammed:

Infektion Group

This is the real imagen of the society

This is my protest, this is my scream...you cannot close your eyes.The world have big problems and you wanna be more one?

1 posted on 02/03/2005 9:44:31 PM PST by FUMETTI
[ Post Reply | Private Reply | View Replies]

To: FUMETTI

This hacker or hackers are just pathetic


2 posted on 02/03/2005 9:45:39 PM PST by GeronL (2-7-72 is my birthday, in lieu of gifts, just send me cash)
[ Post Reply | Private Reply | To 1 | View Replies]

To: GeronL

It is actually hilarious how bad this punk hacker's English skills are, or he/she needs a better translator than bablefish.com


3 posted on 02/03/2005 10:00:02 PM PST by FUMETTI (News flash....Swift Boat Men Kicks CBS's ass....news at 11.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: FUMETTI

Sounds like one of the South Korean farmers on Lineage II got bored.


4 posted on 02/03/2005 10:01:36 PM PST by A Balrog of Morgoth (With fire, sword, and stinging whip I drive the Rats in terror before me.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: FUMETTI
Hackers suck, but.....

They do have their uses.
5 posted on 02/03/2005 10:04:08 PM PST by RandallFlagg (Roll your own cigarettes! You'll save $$$ and smoke less!(Magnetic bumper stickers-click my name)
[ Post Reply | Private Reply | To 3 | View Replies]

To: RandallFlagg

Boy this is going to be a weird night!


6 posted on 02/03/2005 10:12:57 PM PST by FUMETTI (News flash....Swift Boat Men Kicks CBS's ass....news at 11.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: A Balrog of Morgoth

I second that hunch! ;-)


7 posted on 02/03/2005 10:13:32 PM PST by FUMETTI (News flash....Swift Boat Men Kicks CBS's ass....news at 11.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: GeronL

"ALL YOUR FAMILY TREES ARE BELONG TO US!!!"

Maybe the hackers thought Cynidislist.com was the VRWC's version of the Left's Emily's List.

Jack.


8 posted on 02/03/2005 11:01:45 PM PST by Jack Deth (Knight Errant and Disemboweler of the WFTD Thread)
[ Post Reply | Private Reply | To 2 | View Replies]

To: FUMETTI

If you click the image on the defaced web page, it links to a site in Brazil.


9 posted on 02/03/2005 11:10:03 PM PST by HAL9000
[ Post Reply | Private Reply | To 1 | View Replies]

To: Jack Deth

LOL!!


10 posted on 02/03/2005 11:24:30 PM PST by FUMETTI (News flash....Swift Boat Men Kicks CBS's ass....news at 11.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: HAL9000

I wonder what that site is, when translated. This is getting more bizarre by the second!


11 posted on 02/03/2005 11:25:30 PM PST by FUMETTI (News flash....Swift Boat Men Kicks CBS's ass....news at 11.)
[ Post Reply | Private Reply | To 9 | View Replies]

Cyndislist is an old timer of a site, remarkably useful and used, and genealogy is one of the best reasons ever to even have the internet (besides FreeRepublic, email, and porno). I'm sure that was all part of Al Gore's plan when he invented it. ;')


12 posted on 02/03/2005 11:40:59 PM PST by SunkenCiv (Ted "Kids, I Sunk the Honey" Kennedy is just a drunk who's never held a job (or had to).)
[ Post Reply | Private Reply | To 1 | View Replies]

To: FUMETTI

I not sure if Babelfish does Portuguese-to-English.


13 posted on 02/03/2005 11:53:26 PM PST by HAL9000 (Skype me at "FreeRepublic")
[ Post Reply | Private Reply | To 11 | View Replies]

To: HAL9000
Is there a chance that it was written in bad English by someone who wanted to give the impression that they couldn't speak English?

< html >

< head >
< meta http-equiv="Content-Language" content="pt-br" >

< meta http-equiv="Content-Type" content="text/html; charset=windows-1252" >

< meta name="GENERATOR" content="Microsoft FrontPage 4.0">

< meta name="ProgId" content="FrontPage.Editor.Document" >

< title > Infektion Group< / title >

< / head >

< body bgcolor="#000000" text="#FFFFFF" >

< p align="center" >< font color="#FFFFFF" size="6" face="Arial Black" > Infektion Group< /p >

< p align="center" >< font color="#FFFFFF" > < a href="http://www.tvcultura.com.br" > < img border="0" src="http:// www.tvcultura.com.br /caminhos / 01mirandiba / imagens/01-05.jpg" width="150" height="113" >< /a > < /font >< /p >

< font color="#FFFFFF" face="Arial

Black" >This is the real imagen of the society < /font >< /p > < p align="center" >This is my protest, this is my scream...you cannot close your eyes.The world have big problems and you wanna be more one?< /p >

< /body >

< /html >

14 posted on 02/04/2005 12:05:31 AM PST by bd476 (God Bless those in harm's way and bring peace to those who have lost loved ones today.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: FUMETTI; HAL9000; GeronL; SunkenCiv
The following link goes to a page within the Cyndi's List site and it works fine as long as you don't click on the "Main Index" link back to the home page.

With the exception of the "Main Index" link, all the other links appear to be in good working order.

Working Link to Cyndi's List.

15 posted on 02/04/2005 12:25:48 AM PST by bd476 (God Bless those in harm's way and bring peace to those who have lost loved ones today.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: FUMETTI

These hackers have been busy.

http://www.itweb.co.za/sections/internet/2005/0501311134.asp?S=Security&A=SEC&O=FRGN

200 SA sites defaced
BY DAMIAN CLARKSON, ITWEB JUNIOR JOURNALIST

[Johannesburg, 31 January 2005] - A group of hackers has compromised nearly 400 sites, half of which were local.

The sites were hacked either late last night or sometime this morning by the Infektion Group, says Dino Covotsos, owner of local security company Telspace. “In total, there were 397 defaced, of which around 200 were on a local server and had South African domains.”

The compromised sites feature a picture of a young child and the message: “This is the real imagen of the society. Greetz: Augusto( É nois aqui de novo ), Naiana, Podres and all the peaple that I Know.”

The tysica.co.za site is one of around 200 local sites to be defaced by the Infektion Group hackers.

A recent check showed most sites still appear to be compromised.

It is highly unlikely the server was specifically targeted, but rather that the server was vulnerable during a mass scan, says Covotsos. “I don't think that the ISP was deliberately targeted, as many other servers were hacked in a mass defacement effort.”

The Infektion Group hackers have carried out a number of attacks in the past. According to the Zone-h Web site, the group has carried out 20 581 attacks, of which 2 235 are single IP, and 18 346 mass defacements.

The group, which comes from Brazil, has in the past posted political messages and is fairly well known, says Covotsos. “They are not shy to leave their details. They know what they are doing and are very quick.”


16 posted on 02/04/2005 12:46:54 AM PST by NativeTexun ("If you don't live in Texas, you don't live in the United States.")
[ Post Reply | Private Reply | To 1 | View Replies]

To: NativeTexun
Congratulations, Native Texun! This is great, you appear to be a newbie and here you've posted a news story as a response. This is amazing, fantastic, superb!

Some newbies would post a Vanity, non-news story or post a story already in discussion as a brand new thread. I'm very impressed. You must have read all the hints, guidelines, etc.

BTW, I'm a newbie myself compared to the many thousands of other FReepers.

Welcome!

17 posted on 02/04/2005 12:54:46 AM PST by bd476 (God Bless those in harm's way and bring peace to those who have lost loved ones today.)
[ Post Reply | Private Reply | To 16 | View Replies]

To: bd476

Thanks .. I just Google'd "Infektion Group" and got lots of hits telling me there were other sites hacked in addition to Cyndislist.com. It seems the hackers have been quite busy lately posting that same message and picture on a number of sites.

If I remember correctly, they're from Brazil.

This is a much appreciated response from last week when I was accused of being a troll.


18 posted on 02/04/2005 1:25:22 AM PST by NativeTexun ("If you don't live in Texas, you don't live in the United States.")
[ Post Reply | Private Reply | To 17 | View Replies]

To: bd476

Here's an interesting message they left at this site:

http://www.inside-thailand.com/

(the "F" word edited with "*" for purposes of posting to forum)
___________________________________________________________

Join against them before it if joins against you

greetz: Infektion Group members, Innocent boys, siemens, my real friends and all the peaple that help us.

And a big Fu*k to : all the peaple that hate us, USA and your government imperialist,

all the Neonazists, Bush, Tony Blair ( the dog of Bush ), coca-cola.


19 posted on 02/04/2005 1:34:33 AM PST by NativeTexun ("If you don't live in Texas, you don't live in the United States.")
[ Post Reply | Private Reply | To 17 | View Replies]

To: bd476

Here's one more of interest that appeared after Bush was reelected.

http://scatoday.net/node/view/3111

East Kingdom web site defaced by protest group
Submitted by Justin on Thu, 2004/11/11 - 16:20. East | Modern Society | SCAtoday.net

Political protesters temporarily defaced the home page of the SCA's East Kingdom earlier today, replacing it with a page of their own creation.

A group of self-proclaimed "cyberterrorists" calling themselves the "Infektion Group" [sic] replaced the home pages of over 100 sites on the same server as the East Kingdom site with their own page protesting the U.S. election results. The defaced page read:
___________________________________________________________
Infektion Group Owned You

CYBER-TERRORISM

The war of the lier Bush feeds the hate
each day grows more and more!

dominusvis@click21.com.br
_________________________________________________________

Below the text was a photographic image of the Brazilian flag. The word "owned" is a term used in hacker and cracker circles to indicate that a site's security has been compromised. Misspelled words, such as "liar" and "infection" in the above, are often intentionally part of so-called "hacker-speak" or "L337-speak" (pronounced elite-speak), a way to present an edgy image. The misspellings may also be due to the page having been created, apparently, by Brazilians, whose native language would most likely be Portuguese.

The click21.com.br domain belongs to a Brazilian company located in Rio de Janeiro, though of course there is no proof that the company knew anything about the attack, since anyone could have put that email address into a web page.

Robin Gallowglass, the East Kingdom Web Minister, says the attackers struck at about 12:53 a.m. US Eastern time, and that he first learned of the attack at about 8:00 a.m. "I was able," he says, "along with my fellow system administrators, to identify the vulnerability that was exploited and plug the hole. The defaced index pages were replaced from backups by approximately 9:30 a.m." Gallowglass says extensive backup precautions saved the day, and that he has an automated backup process that makes archival copies of the web page multiple times per day.

Gallowglass says that an unfortunate default setting in the security of the PHP web programming language was to blame. The PHP software itself had not failed, but the incorrect setting "allowed a file name for a included file to be either a path to a file on the local file system or a remote URL. This allowed the attackers to inject malicious PHP code that allowed them access to all the websites on the server." This sort of remote scripting exploit can happen in many web programming languages, and has been reported in numerous cases for both Linux and Microsoft web servers. In the case of this particular server, it was a Linux machine that was affected. The equivalent Microsoft technology, Active Server Pages (ASP), has been subject to the same kind of error in the past.

Gallowglass says that the server admistrators are careful about security, and blames poor documentation for the fact that this vulnerability "was missed in our periodic security audits." The vulnerable default setting has been changed, and Gallowglass and his colleagues took advantage of the server downtime to upgrade the Apache web server and the PHP programming language to their most recent security patch levels.

Computer security experts say that security is never perfect, in spite of a system owner's best efforts, and that off-site backups of important data are an essential part of site management because these are isolated geographically from the compromised system. In this incident, those off-site backups allowed fast recovery.


20 posted on 02/04/2005 1:42:51 AM PST by NativeTexun ("If you don't live in Texas, you don't live in the United States.")
[ Post Reply | Private Reply | To 17 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-37 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson