I just received a comment on one of my posts, supposedly by the hacker (him/her)self (at least, they used the same email to comment here as was used in the defacing), about the fact that one of the department websites at Stanford University had been hacked into. This time it was the Center on Polymer Interfaces and Macromolecular Assemblies (CPIMA).
Sure enough, when I went there, the homepage had been changed to deliver a message from the hacker. The entire About CPIMA section had been replaced with this:
For those who can’t see the image, the text reads: “Yeah Im here | By Peforce | Hey Admin dont forget i dont delete your files | i just wanna play with universities | Dont Forget We Are The Best In The World | Need Help?? firstname.lastname@example.org | Peforce.org” The title had been altered as well:
Of course I have no idea how they got in, but the people at Stanford are using WordPress MU 1.2.4. That version is based on WordPress 2.2.2; the next version, 2.2.3, was a security release, and even 2.2.3 still had security holes of its own. So I think it would be a great idea for Stanford to upgrade their version of WordPress at the very least. As it just so happens, WordPress MU 2.6 is available.
Oh, and they should also consider the Login LockDown security plugin, which helps prevent brute force attacks, after the back doors are all closed. 😀
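To show what a lockdown rule like that actually buys you, here is an added Python example (not code from this post or from the Login LockDown plugin) that replays a constructed access-log snippet, applies the rule "N failed logins from one IP inside a window locks that IP out", and reports which later logins the rule would have refused. The log lines, IP addresses and thresholds are all made up for the illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample access log (combined format); not from any real site.
# WordPress answers a failed login POST with 200 (form shown again), a success with 302.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Sep/2008:02:14:01 +0000] "POST /wp-login.php HTTP/1.1" 200 1523
198.51.100.7 - - [10/Sep/2008:02:14:03 +0000] "POST /wp-login.php HTTP/1.1" 200 1523
198.51.100.7 - - [10/Sep/2008:02:14:04 +0000] "POST /wp-login.php HTTP/1.1" 200 1523
198.51.100.7 - - [10/Sep/2008:02:14:06 +0000] "POST /wp-login.php HTTP/1.1" 302 0
203.0.113.9 - - [10/Sep/2008:02:20:11 +0000] "POST /wp-login.php HTTP/1.1" 200 1523
203.0.113.9 - - [10/Sep/2008:02:20:40 +0000] "POST /wp-login.php HTTP/1.1" 302 0
"""
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')

def parse_line(line):
    """Parse one combined-format line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {"ip": m["ip"], "method": m["method"], "path": m["path"], "status": int(m["status"]),
            "ts": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")}

def analyze(log_text, max_failures=3, window=timedelta(minutes=5)):
    """Replay login POSTs under a lockdown rule: max_failures failed attempts from one
    IP inside `window` lock that IP out for `window`. Returns (lockouts, late_successes);
    the second list holds logins that got through during a lockout, i.e. ones the rule
    would have refused."""
    recent = defaultdict(list)          # ip -> timestamps of recent failures
    active = {}                         # ip -> time its current lockout began
    lockouts, late_successes = [], []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None or ev["method"] != "POST" or ev["path"] != "/wp-login.php":
            continue
        ip, ts, ok = ev["ip"], ev["ts"], ev["status"] == 302
        if ip in active and ts - active[ip] < window:
            if ok:
                late_successes.append((ip, ts))
            continue                    # request would have been refused
        active.pop(ip, None)            # lockout expired, or never existed
        if ok:
            recent[ip].clear()
            continue
        recent[ip] = [t for t in recent[ip] if ts - t < window] + [ts]
        if len(recent[ip]) >= max_failures:
            active[ip] = ts
            lockouts.append((ip, ts))
    return lockouts, late_successes
```

Run against a real access log, the second list is the interesting one: a successful login that arrives while its source IP is inside a lockout is exactly the kind of event that deserves a closer look.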