No Intelligent Design for Dawkins forum…

 

Richard Dawkins, the evolutionary biologist and popular science author, famed for his no-holds-barred approach to what he sees as the unsubstantiated claims made by religion, certainly has all the proof he needs to believe in the cybercriminal underground.

 

Members of the discussion forum over at RichardDawkins.net all received a message, purporting to be from the forum admin which incongruously invited them to join a warez site. 

Image from www.twitter.com/fadviral

Image from www.twitter.com/fadviral

 

The apparent hack has been confirmed by the site admins with a message posted on the front page.

 

Image from RichardDawkins.net

Image from RichardDawkins.net

 

No word yet from the web site admins on how much personal data may have been put at risk during this intrusion.  If the hackers had access to the forum admin account, they very probably had access to a large amount of user information including hashed passwords (or even worse clear text passwords?) and email addresses. My advice to anyone with an account on that particular forum would be to consider the password you used, and if it is common to any other services, then change it immediately.

 

At the time of writing the forum remains offline.

forumdown


Bookmark
| More
This entry was posted on Monday, 17. August 2009 and is filed under "Hacking, Opinion, Site Compromise, data leakage, spam". You can follow any responses to this entry with RSS 2.0. You can leave a response here, or send a trackback from your own site.

12 Comments to "Richard Dawkins forum compromised"

Fad:
Monday, 17. August 2009 um 11:34 pm

Actually that first image is not from richarddawkins.net. It’s from my Twitter feed from my Gmail account. You’re quite welcome. :P

Richard Dawkins forum compromised » CounterMeasures « Jared Rimer’s Technology blog and podcast:
Tuesday, 18. August 2009 um 2:38 am

[...] Richard Dawkins forum compromised » CounterMeasures. [...]

Jim Dominic:
Tuesday, 18. August 2009 um 7:26 am

The forum software the Dawkins site was using does not store passwords in clear text.

Rik Ferguson:
Tuesday, 18. August 2009 um 8:47 am

Thanks Jim, that’s relatively good news for forum members, but remember hashed passwords can also often be cracked using rainbow tables.

nobody:
Tuesday, 18. August 2009 um 1:21 pm

but remember hashed passwords can also often be cracked using rainbow tables.

Is there really any current forum software that fails to salt the hashes?

::: dawkins website gehacked ::: | LucitheR - der Teufel steckt im Detail:
Tuesday, 18. August 2009 um 4:40 pm

[...] Infos gibt es hier [...]

Rik Ferguson:
Tuesday, 18. August 2009 um 9:58 pm

You don’t remember the phpBB.com hack from February this year? :)

eleven:
Tuesday, 18. August 2009 um 11:33 pm

The hacker has now been thoroughly ID’d, as the idiot left a trail to his registered .com

Stew:
Thursday, 20. August 2009 um 4:09 pm

The Christian Taliban

Richard Dawkins’ website hacked « Anglican Samizdat:
Thursday, 20. August 2009 um 6:44 pm

[...] Filed under: evolution — David @ 1:43 pm Tags: evolution Why was Dawkins’ site chosen? Natural Selection. No Intelligent Design for Dawkins [...]

Chris Smith:
Friday, 23. October 2009 um 1:57 am

You don’t remember the phpBB.com hack from February this year? :)

The unsalted passwords stolen then were from people who had not logged in since early 2007. phpBB3 uses salted hashes using the following framework: http://www.openwall.com/phpass/

A Whole New Meaning To Phishing | Business Computing World:
Monday, 7. December 2009 um 3:13 pm

[...] all seriousness, this attack is highly reminiscent of the recent hack of the Richard Dawkins forum and is very much a trend I expect to see increasing over the coming months and years. Gaining [...]


Name:

E-Mail (not published)

Website:


Spam protection


© Copyright 2010 Trend Micro Inc. All rights reserved.
Legal Notice | Disclaimer