Thursday, December 18, 2008

indianidolshow.com hacked

The official site of Sony Television's indian Idol show is not as impressive as other fan-made sites because of poor video quality,biased contents and reviews,etc.

indianIdolShow.com before hack

Of all fan-made sites, indianidolshow.com was getting popular because of up-to-date content and high quality videos of every episodes. I don't negate the existence of other good fan-made sites made esp. for indian idol's recorded episodes but to some extent, indial idol fan living abroad were hugely impressed and kind of glued to indianidolshow.com

indianIdolShow.com after Hack

The site is recently hacked by formidable devious black hats known as Fawaz. I don't blame the black hats who hacked the site but the owner of the site who poorly maintained his site and didn't put much of his concern towards the security of his site.

If you don't want to have fate like that, go and secure your accounts with passwords almost impossible to crack, make it hard to compute even with brute force/dictionary tools

I usually go to https://www.grc.com/passwords.htm and generate a passwords, pick portion of it, save it somewhere else that I only know and put the different passwords on every account whenever necessary. To use the password back on, the only thing that I do is, copy-paste the passwords. To create reference, I use the various password phrase that nobody on earth has any idea about.

Analyzing how this site got hacked, I'm putting myself into black hats shoe. He/she must have found the exploits on the wordpress engine that this site had been using. Once the wordpress database has been compromised, the same password must have been used to take control of domain name. (Here most of the people slip, because they use same password on their accounts. If you set different passwords, you'll give hard times for them who make attempt to hack into your system.) He/she then might have transferred domain name to under his control if he/she wanted it to be irrecoverable. I've seen that most of the sites hacked by this black hat hacker is almost dead, irrecoverable and out of control from the hands of original owner. The other ways he could've made it work is could be tampering with ftp access, telnet, or spoofing, or any means necessary to breach weak security of sites login.

Bottomline: indianidolshow.com is hacked.

0 comments:

Copyright © 2014
Designed by Navin