United Nation’s Website, Hacked
Hackademix reported that the United Nation’s official website was hacked and defaced. The hacker gained access to the said highly profiled website by simply using the technique called, “SQL injection”.
What is SQL injection?
According to the wikipedia, “SQL injection is a security vulnerability that occurs in the database layer of an application. Its source is the incorrect escaping of variables embedded in SQL statements. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another”. E-Government has the clearer definition of it which means, that it is the “name for a general class of attacks that can allow nefarious users to retrieve data, alter server settings, or even take over your server if you’re not careful. SQL injection is not a SQL Server problem, but a problem with improperly written applications”.
It’s a kind of attack which my Ka Webspy’s Guestbook experienced last June 2005 and similar attacked used to hack the Pinoy Bloggers Directory on December 2005.
The United Nation website’s Hacker
According to the BBC, the said attack was called “cyberprotest” and hackers using this name are said to be coming from Turkey and called themselves, “Turkish Defacer”.
As of writing this post, these hackers have attacked many websites already.
What’s the lesson?
Well. This simply tells us that we need to be vigilant. Since most of us bloggers are using the Wordpress blogging engine in running our blogs, so we must upgrade immediately our Wordpress installation soon as the new version is released in order to avoid such attack.
-
Sign up for PayPal and start accepting credit card payments instantly.
As the world's number one online payment service, PayPal is the fastest way to open your doors to over 150 million member accounts worldwide. -
Promote your product to high quality, targeted websites and blogs.
Find effective, influential blogs and highly targeted audiences to advertise.Choose to display your ad across entire blog networks to maximize your exposure to a wide audience.
Related Post
- Pinay Scandal
- Hacked by Own Host?
- My Photo Gallery was Hacked
- Twitter Was Hacked by Cyber Army
- Upgraded Wordpress, Avoided Access of Hackers
- The Hacker Is Who?
- Cross: Used in Religion by Pagans
- How to Hack Yahoo, GMail, and HotMail Account?
- Need To Learn Chinese
- Someone’s Making Money in Your Twitter Account
- Blog of Matt Cutts “The Google Guy”, Hacked
- Yahoo! eMail Scam, Beware!
- nimoyf.com Hacked My Yahoo Email Account
- Download Free PSP Games
- Hegemony or Survival: America’s Quest for Global Dominance (The American Empire Project)
- Wordpress Hack Warning
- www.sss.gov.ph static information
- sss gov.ph SSS Online Inquiry
Recently Commented
- Valentine's Day Wordpress Theme
- Ako Tube Pinay Scandal
- Black Hat SEO
- SELaplana is still in the Hospital!
- Mortgage, What is it?
- Please Help us Pray- SELaplana is in the Hospital!
- How to Avail Pension from SSS Philippines?
- EDSA Shang-rila Guard Scandal
- Funny Bing Bing Video
- How to check my SSS contributions?
- Even Google Steals Competitor's Data
- Make Money Online by Blogging on Profitable Niche
- 4 Google Related Books That I Want To Read
- Spogee Search, A SEM Company, Not Search Engine
- GMA7 2009 Christmas Station ID: Sama-sama Tayong Mag Pasa-Love
whoever that hackers are, they are good!
It’s The UN we’re talking about here, I assume they have the most tight security there is… apparently they need to do better.
that’s what really I was thinking. and it reminds me of my 1999 life…. playing other websites by hacking them….
Hm, I do not think that WP is vulnerable. You can avoid SQL injection when using few php functions properly (and yes, WP do use them).
Simple htmlspecialchars(), addslashes() – for input, strip_slashes() – for output make it very easy.
BTW, modify your php.ini so it won’t show any error and use @ before every potentially vulnerable function so that the output (returned error or so) won’t be shown on user’s display. This is helpful for mysql_query functions especially.
well,, why they dont try to hack NSA xD… they will be on the headlines im sure…