haCkeD By r00t-x ~ r00tx0@gmail.com ~

Some script kiddie ran a sploit; apparently things are being fixed now:

We have completed the work necessary to secure our GRID infrastructure from this exploit.

We have also repaired the majority of affected sites using our automated tools. We will continue to run these tools throughout the night. Please let us know if you see anything out of place and we will dig deeper.

Highlighted is the beginning of the spam

MacRumors apologized for the incident: “Our MacRumorsLive keynote coverage was hacked today, inserting inappropriate content into the text and photo feeds. We apologize for the inconvenience and are working to restore our services.” However, it was simply negligence on their part for having a control panel which was publicly accessible rather than some kind of nefarious hack. One of the nicer 4chan readers took this screenshot of it before it was taken offline:

See also When Livestreams Go Wrong and 4chan’s /g board where the chaos originated. Hopefully this will teach bloggers and web startups to pay more attention to the security of their websites, as hacking websites is growing more and more popular with savvy internet pranksters.

Subject: Warning : World of Warcraft Account Notice
From: donotreply@blizzard.com
To: arfenhousetoo@gmail.com

An investigation of your World of Warcraft account has found strong evidence that the account in question is being sold or traded. As you may not be aware of, this conflicts with Blizzard’s EULA under section 4 Paragraph B which can be found here:

WoW -> Legal -> End User License Agreement

and Section 8 of the Terms of Use found here:

WoW -> Legal -> Terms of Use

The investigation will be continued by Blizzard administration to determine the action to be taken against your account. If your account is found violating the EULA and Terms of Use, your account can, and will be suspended/closed/or terminated.

In order to keep this from occurring, you should immediately verify that you are the original owner of the account.

To verify your identity please visit the following webpage:

http://www.worldofwarcraft.com/account

Only Account Administration will be able to assist with account retrieval issues.

Thank you for your time and attention to this matter, and your continued interest in World of Warcraft.

Sincerely,
Account Administration
Blizzard Entertainment

See, the thing is that the first two links go to real Blizzard pages, but the last one secretly goes towww.blizzard.com.login.xml.mcnewvision.com, which is clearly a moronic phishing attempt. This leaves me with two questions:

1. Did they target me as a Wow user specifically by harvesting my WoW-associated email address somehow? A Blizzard partial hack?
2. What would they do with my account if they got it? Sell my lousy lvl 45 char on ebay? LOL….

Myspace hacked accounts 3/20/08
Here a list of myspace accounts and passwords

Example:
Username : Passwords get it

MySpace is pretty advanced in this regard; somehow they detected that my account had been compromised and when I logged in now to change the password, I received this neat message warning me:

MySpace Announcement: Your account has been phished!

What can I do?
Change your password. And don’t use your current password ever again. Why do I care? We’ve blocked your account until you change your password. This means you can’t send a message, post a bulletin, send a comment or add a friend until you’ve changed your password.

What does “phished” mean?
“Phished” means that someone stole the email address & password that you use to login to MySpace. They might be sending out messages, comments or bulletins as you!

How did this happen?
You went to a fake page that asked for your MySpace login email and password, and you gave them your info. Only login to www.myspace.com. Learn more

I’ve changed all my users and passwords now, but still it’s a tiring experience…

It looks legit! The offending posts, screenshots, heretofore unseen family photos, and emails have all been deleted from Imageshack and 4Chan. But we have them. You want to read Sarah Palin’s email?

It’s kind of sad to see Palin’s email only has 174 total messages. I’ve been using email for hopefully less time than her, yet my gmail account has 48,163 email messages in it (say three years worth. Perhaps John McCain picked a running mate for VP as technically inept as he is.

Disclosure: I think Sarah Palin sucks for a VP pick.

Update: The suspect who allegedly hacked Sarah Palin’s email is University of Tennessee student David Kernell. His father is democratic state representative Mike Kernell. Interesting…