[funsec] Bill O'Reilly Website Hacked

Richard M. Smith rms at computerbytesman.com
Fri Sep 19 19:26:16 CDT 2008


Will Mr. O'Reilly be notifying all of his subscribes of the breach?  He
might also want to point out that if someone has used the same password at
BillOReilly.com and their email account, then the bad guys can potentially
break into a lot of other Web site accounts.

Richard

-----Original Message-----
From: funsec-bounces at linuxbox.org [mailto:funsec-bounces at linuxbox.org] On
Behalf Of Paul Ferguson
Sent: Friday, September 19, 2008 8:11 PM
To: funsec at linuxbox.org
Subject: [funsec] Bill O'Reilly Website Hacked

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Via Wikileaks.org.

[snip]

Wikileaks has been informed the hack was a response to the pundit's recent
scurrilous attacks over the Sarah Palin's email story--including on
Wikileaks and other members of the press. Hacktivists, thumbing their noses
at the pundit, took control of O'Reilly's main site, BillOReilly.com.
According to our source, the security protecting O'Reilly's site and
subscribers was "non-existent".

[...] image[s], submitted to Wikileaks and confirmed by Wikileaks staff,
offers proof of the hack. The image, clearly obtained from BillOreilly.com's
administrative interface, shows a detailled list -- including passwords --
of BillOreilly.com subscribers. Although Wikileaks has only released one
page, it must be assumed that Bill O'Reilly's entire subscriber list is, as
of now, in the public domain.

[snip]

More:
http://wikileaks.org/wiki/Bill_O%27Reilly_hacked_2008

This could get interesting...

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFI1D+Uq1pz9mNUZTMRAtiPAJ0Ub3Lby3CB7JLw07N4HS7olPAmSACfXihw
1zh5xk5dl/4FsVZcjYMBDLA=
=2fb5
-----END PGP SIGNATURE-----



--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet  fergdawg(at)netzero.net  ferg's
tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.



More information about the funsec mailing list