Wednesday, May 04, 2005

Colorado IMC is still down; "Right Wing Hackers Target IndyMedia Networks"

As some of you have noticed (Rob, Liang, Wally, Erika, Ben, Valerie, Todd and Heath have e-mailed on this) Colorado IMC remains down.

Here's an article by Hack This Site.org (from Madison IMC) entitled "Right Wing Hackers Target IndyMedia Networks:"

CDTRight-wing hackers 'g00ns.com' are taking credit for attacking several IndyMedia websites posting anti-left rhetoric. This explains how to fix the bugs, who is responsible for the attacks, and how to prevent this kind of action in the future.
(http://www.hackthissite.org/news/view/207http://indymedia.us/en/2005/04/6718.shtml)
(http://portland.indymedia.org/en/2005/04/316502.shtml)
(http://portland.indymedia.org/en/2005/04/316466.shtml)
The hacker group 'g00ns' (g00ns.com andg00ns-forum.com) are taking credit for attacking various indymedia sites including nyc.indymedia.org, colorado.indymedia.org, michiganimc.org, arkansas.indymedia.org, newjersey.indymedia.org, and others.
On the website, they released a bunch of extreme right wing rhetoric, accusing indymedia of being 'anti-republican'.
Attacking an open publishing network means you're attacking freedom of speech itself. They do not want to participate in the political process through mature discussion or legal channels. These online fascists need to be exposed and confronted.
Before we go into who was responsible for these attacks, it is important to stay on the defensive and to prevent this sort of attack from happening again.
Each IMC needs to rebuild and patch their software, change passwords, go through server logs + remove backdoors, etc. The specific vulnerability that was exploited had to do with allowing the upload malicious PHP files to the media section of the website. This had been reported several months ago to the dada IMC support staff, who had been advised to keep it private until the tech staff of each IMC had patched their software. It was later published to the dada IMC web site which contains details of how it was vulnerable and how to fix it.
(http://www.dadaimc.org/mod/software/alerts/dadaIMC/index.php?alert=1)
Now let's dig some information up about who these g00nfascists are, and what we could do about it.

To read more click here.

And noted that the article itself "will be featured in the upcoming'notes from the hacker underground' zine availablefrom hackthissite.org"

The e-mail address for this site is common_ills@yahoo.com.