Photobucket got hacked
Posted: Tue Jun 17, 2008 7:25 pm
Well if you're wondering where your images went, seems Photobucket got hijacked by a Turkish hackers group today.
TexasCHLforum.com
The focal point for Texas firearms information and discussions
https://mail.texaschlforum.com/
Photobucket got hacked
Page 1 of 1
Re: Photobucket got hacked
Posted: Wed Jun 18, 2008 7:41 am
Thankfully, all of my images are still there...
Re: Photobucket got hacked
Posted: Wed Jun 18, 2008 10:53 am
Ugh, use tinypic.com instead.
Re: Photobucket got hacked
Posted: Wed Jun 18, 2008 12:04 pm
or just don't post photos that you don't want to fall into the wrong hands
Re: Photobucket got hacked
Posted: Wed Jun 18, 2008 1:00 pm
While your account on Photobucket remains unaltered, any forum threads where you posted pics hosted at Photobucket have lost the links, the images are gone from your posts.
Re: Photobucket got hacked
Posted: Wed Jun 18, 2008 9:20 pm
Checked a few of my older posts... links and pics still intact. No problems on the Photobucket side, either. Guess the hackers didn't see anything too interesting in my album. 
Re: Photobucket got hacked
Posted: Wed Jun 18, 2008 10:18 pm
what did they get out of this hack anyway
Re: Photobucket got hacked
Posted: Thu Jun 19, 2008 8:04 am
Attention.lunchbox wrote:what did they get out of this hack anyway
Re: Photobucket got hacked
Posted: Thu Jun 19, 2008 1:08 pm
The pictures and other information in this site were not compromised. Some of the pictures were not available for a short period of time because of an attack on the DNS (Domain Name Server) used by Photobucket. DNS servers convert website addresses to numerical addresses. So the hack caused a request for Photobucket from that DNS to be redirected to a site put up by the hackers.
http://blogs.zdnet.com/security/?p=1285
June 18th, 2008
Photobucket’s DNS records hijacked by Turkish hacking group
Posted by Dancho Danchev @ 6:27 am
Yesterday, Photobucket the world’s most popular photo sharing site according to Hitwise had its DNS records hijacked to return a hacked page courtesy of the NetDevilz hacking group, a Turkish web site defacement group most widely known for its defacement of the adult video site Redtube earlier this year. Photobucket users across the world are reporting minor outages of the service and problems when trying to access their accounts, the consequence of what looks like the type of DNS records hijacking that redirected Comcast.net to a third-party domain last month.
Third-party site monitoring services indicate that the site was down for 15 minutes yesterday, from from 17:39:39 to 17:55:10, whereas according to a comment left by a Photobucket Forum Support representative, the downtime due to the propagation of the corrected DNS entries was longer :
“On Tuesday afternoon, some users that typed in the Photobucket.com URL were temporarily redirected to an incorrect page due to an error in our DNS hosting services. The error was fixed within an hour of its discovery, but due to the nature of the problem, some users will not have access to Photobucket for a few hours as the fix rolls out. It is important to note that only a portion of Photobucket users encountered the problem and that no Photobucket content, password information or other personal information was affected by the redirect.�
The NetDevilz hacking group left the following message, [Message was in Turkish and I edited it out] that appears to have been loading from a third-party domain,Photobucket downtime netdevilz atspace.com in this case :
The hacking group appears to have been using the hosting services of atspace.com, the web hosting service of Zetta hosting solutions, and users of Photobucket attempting to access the site with the old DNS entries are still being redirected to a default hosting ad page within atspace.com. The effect of the redirection can also be seen by taking a peek at the publicly obtainable stats for atspace.com, where the sudden peak in traffic resulting in 118,864 visitors for today came from the default ad page used in the redirection.
With the second DNS hijacking attack against a high-profile domain in the recent months, it seems that adaptive malicious parties unable to directly compromise a site will continue taking advantage of good old-fashioned DNS hijacking. At least to prove that it’s still possible even on a high-profile domain using the services of a Tier 1 domain registrar.
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and E-crime incident response. Dancho is also involved in business development, marketing research and competitive intelligence as an independent contractor. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community on a daily basis.
http://blogs.zdnet.com/security/?p=1285
June 18th, 2008
Photobucket’s DNS records hijacked by Turkish hacking group
Posted by Dancho Danchev @ 6:27 am
Yesterday, Photobucket the world’s most popular photo sharing site according to Hitwise had its DNS records hijacked to return a hacked page courtesy of the NetDevilz hacking group, a Turkish web site defacement group most widely known for its defacement of the adult video site Redtube earlier this year. Photobucket users across the world are reporting minor outages of the service and problems when trying to access their accounts, the consequence of what looks like the type of DNS records hijacking that redirected Comcast.net to a third-party domain last month.
Third-party site monitoring services indicate that the site was down for 15 minutes yesterday, from from 17:39:39 to 17:55:10, whereas according to a comment left by a Photobucket Forum Support representative, the downtime due to the propagation of the corrected DNS entries was longer :
“On Tuesday afternoon, some users that typed in the Photobucket.com URL were temporarily redirected to an incorrect page due to an error in our DNS hosting services. The error was fixed within an hour of its discovery, but due to the nature of the problem, some users will not have access to Photobucket for a few hours as the fix rolls out. It is important to note that only a portion of Photobucket users encountered the problem and that no Photobucket content, password information or other personal information was affected by the redirect.�
The NetDevilz hacking group left the following message, [Message was in Turkish and I edited it out] that appears to have been loading from a third-party domain,Photobucket downtime netdevilz atspace.com in this case :
The hacking group appears to have been using the hosting services of atspace.com, the web hosting service of Zetta hosting solutions, and users of Photobucket attempting to access the site with the old DNS entries are still being redirected to a default hosting ad page within atspace.com. The effect of the redirection can also be seen by taking a peek at the publicly obtainable stats for atspace.com, where the sudden peak in traffic resulting in 118,864 visitors for today came from the default ad page used in the redirection.
With the second DNS hijacking attack against a high-profile domain in the recent months, it seems that adaptive malicious parties unable to directly compromise a site will continue taking advantage of good old-fashioned DNS hijacking. At least to prove that it’s still possible even on a high-profile domain using the services of a Tier 1 domain registrar.
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and E-crime incident response. Dancho is also involved in business development, marketing research and competitive intelligence as an independent contractor. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community on a daily basis.
Re: Photobucket got hacked
Posted: Thu Jun 19, 2008 1:26 pm
My pics are back now, but for over a day the pics I'd posted on this and other forums were not linking. Must have taken quite a while for the DNS to propogate.
Re: Photobucket got hacked
Posted: Thu Jun 19, 2008 2:39 pm
Same thing as graffiti or other vandalism.lunchbox wrote:what did they get out of this hack anyway
Re: Photobucket got hacked
Posted: Thu Jun 19, 2008 7:13 pm
yea i guess
some people are just strange
some people are just strange