Topic: Hacker Wars
Source: Blog da Cidadania
Author: Edu Guimarães
Translation: C. Brayton
On Saturday, July 20, the Web site of IstoÉ magazine — hosted on the Terra portal — published harsh accusations against the PSDB of São Paulo over its involvement in an international corruption scheme involving the multinational Siemens and the São Paulo subway construction project.
The introduction explains the topic at hand:
“A bribery pipeline created to divert millions from subway and commuter rail projects was organized during São Paulo’s PSDB governments. Lobbyists and officials with ties to the Toucans operated using front companies.”
The article soon spread like fire across the social networks and blogs. And lo! thoughout the day, the site was attacked. More specifically, the hack attack targeted the article in which the accusation was made.
Readers attempting to access the story that Saturday could not get in. Clicking on the article redirected the internaut to the Web site of Veja magazine.
Whoever launched this attack is not well-versed in technology — according to the developer who services Blog da Cidadania, the attack was so simple that any kid with a little computer knowledge could unleash attacks of this kind.
Later on Saturday, the IstoÉ site was repaired, and in the late afternoon the article on the PSDB was accessible again. Another attack, however, was launched on the Terra portal at 22:29 of the same day.
The section of the site chosen for the fresh attack was the blog of Paulo Moreira Leite, who left Época and went to work for IstoÉ after angering Globo during the “big payola” trial, when he dissented from the Marinho family and criticized the political bias of the Supreme Court in a book he wrote on the subject.
This nlog was informed by readers that they had attempted to reach the blog of Moreira Leite from a link on this site, but were being directled to Veja.
My technical support guy managed to decipher the methodused by the hacker that attacked Below the rudimentary technique used.
The malicious script was inserted in the Moreira Leite blog by a simple method — it was posted as a comment.
Even I can see basically how it works. I see so much of it in my own blogs that I have basically despaired of the comment system. Send me an e-mail, please.
Clicking the link to the Moreira Leite blog hosted by Terra, IstoÉ, or the link provided on this page, as of 11:39 hs. on Sunday, redirected the internaut to the Veja Web site …
Ironically, my tech advisor says, it would be very simple for IstoÉ to eliminate the problem. On line 654 of the script on Moreira Leite’s blog, there is a comment reading: “value 11120493”. Deleting this comment fixes the problem.
The tech advisor to this Blog da Cidadania was shocked by the fragility of site security at IstoÉ and Terra. Most Web sites, he said, can withstand attacks like this. The attacker, however, if not very adept at programming, may understand something of politics — Veja and PSDB are joined at the hip in the world of São Paulo politics.