[ISN] RIAA Site Defaced by Hackers

From: InfoSec News (isnat_private)
Date: Thu Aug 29 2002 - 00:17:50 PDT

  • Next message: InfoSec News: "[ISN] Website Security Flaw Costs ZD"

    By Jim Wagner
    August 28, 2002
    The Recording Industry Association of America was the victim of a hack 
    Wednesday, forcing network administrators to shut down the site and 
    look for the hole in its Web server. 
    The RIAA has drawn the scorn of legions of Internet denizens in recent 
    years for its stance on Internet radio broadcast fees and peer-to-peer 
    networking. The organization became infamous to millions of users 
    after filing an injunction against the popular free music-swapping 
    program, Napster. 
    But even if and when the organization does find out what happened, 
    RIAA spokesman Jonathan Lamy told internetnews.com he wouldn't issue 
    any information about the defacement. 
    "All I can tell you is there's a problem with our site that we are 
    fixing," Lamy said. "It should be back up shortly." 
    Only the home page was defaced, as far as officals can tell, though 
    the links pointed to existing RIAA.org Web pages. The defaced site 
    featured such tidbits as "Inside the RIAA with Eric Cartman" -- the 
    best-known character from the irreverent Comedy Central cartoon "South 
    Park" -- and "Piracy can be beneficial to the music industry" -- an 
    acerbic touch flung in the face of the biggest opponent to digital 
    music piracy. 
    Also, a link entitled "Where can I find information on giant monkeys?" 
    took readers to the biography page of Hilary Rosen, RIAA chief 
    executive officer. 
    Members of the offbeat Fark.com online forum cheered the hackers 
    responsible, saying they were not only able to deface the site, but 
    shut it down entirely after thousands flocked to the RIAA.org site to 
    see the defacement. 
    As of press time, a mirror site of the defacement is available here [1]. 
    One Fark.com reader, RepoMan, chimed in with one possible reaction by 
    the RIAA: 
    "The RIAA response to this will be entertaining in itself. Of course 
    they will go crying to their friends in government like Tonya Harding 
    with her broken lace: "See, this is what we're up against... we're 
    just trying to make an honest dollar and these computer pirates are 
    knocking over our sand castles." 
    Since exercising its considerable muscle in court versus Napster -- 
    perceived by many in the industry as a startup that revolutionized the 
    way music is shared on the Internet --the RIAA has been a convenient 
    target for hackers. 
    In July, an unknown hacker or hackers brought the RIAA site to its 
    knees with a denial of service (DOS) (define) attack. It was an ironic 
    turn of events for the organization; a month prior, legislation was 
    proposed that would have given the RIAA (and other intellectual 
    owners) the right to shut down peer-to-peer networks using DOS-style 
    Robert Lyttle, better known for the role he played in the Deceptive 
    Duo hacks that landed him in hot water this year, gained his 
    reputation defacing hundreds of Web sites in 2000 to protest the 
    RIAA's actions. 
    [1] http://wintermute.student.umd.edu/
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Thu Aug 29 2002 - 03:04:12 PDT