Firefox Community Site Hacked Again

By Nate Mook, BetaNews

October 4, 2005, 11:27 AM

For a second time, the Web site used to promote the adoption of Mozilla's Firefox Web browser has been compromised by hackers. The remote attackers potentially accessed SpreadFirefox.com by exploiting a security flaw in the TWiki software installed on the server.

The problem was limited to SpreadFirefox.com and did not affect mozilla.org or any Mozilla software. TWiki was disabled as soon as the intrusion was discovered.

"We have scanned Spread Firefox servers and at this time do not believe any sensitive data was taken, but as a precautionary measure we have shut down the site and will be rebuilding the web site from scratch," read a notice e-mailed to registered members.

Information provided by Spread Firefox users and stored on the server includes a real name, a URL, an email address, IM names, a street address, a birthday, and private messages to other users.

The site will remain offline until around October 15. In the meantime, Spread Firefox administrators recommend that users assume their password could have been accessed and change the password of any account using the same login details.

In mid-July, the Spread Firefox site suffered a similar break-in, and at the time said it was taking the necessary steps to make sure such an incident did not happen again.

"Unfortunately, those procedures overlooked the installation of the TWiki software since it is not used by the main Spread Firefox site," the Mozilla Foundation explained. "When the system is rebuilt, all the software will be audited to ensure that security updates will be applied in a timely manner. We deeply regret this incident and any inconvenience this may have caused you."

28 Comments

By foxtyke

posted Oct 5, 2005 - 11:49 AM

Okay, first time shame on them (first attacker), second time shame on you (SFX team)...

I support Firefox and I am even a member of SFX but seriously, this has to stop as it does hurt the credibility of Firefox and Mozilla.

How?

Logic for most people sadly will go like this...

HQ for Firefox promotion hacked not once but twice must mean the people behind SFX are behind Fx must mean Fx is easily hacked... solution? I shouldn't use anything related to Fx or Mozilla... problem solved.

Score: 0

By MOGua

posted Oct 5, 2005 - 2:29 AM

FYI: this has nothing to do with Firefox the browser or its security.

Score: 0

By tmaioli

posted Oct 5, 2005 - 1:40 AM

Big Deal........ They need a honey pot...as a decoy. Guess this means they're in the big boys club.

Score: 0

By uberfly

posted Oct 4, 2005 - 8:08 PM

Big Deal. Someone ran a script against an unpatched server. Woo-Hoo. Wow, this is pretty exciting.

Score: 0

By zridling

posted Oct 4, 2005 - 3:13 PM

Let us bury the myth of any "security" linked to Firefox (or its evangelism sites) once and for all.

Score: 0

By crashoverride

edited Oct 5, 2005 - 2:54 AM

Did you even read? This was the result of a third party program on the server. Nothing at all to do with Firefox. Let's just bury you since you obviously don't know what you are saying. Besides, the myth of security has been buried for a while now anyway. I never got the whole hype over it being so secure anyway. Any idiot should have known it wouldn't be totally secure. After all, it is man made just like IE. Telling someone a browser is totally secure is like trying to tell them that swiss cheese doesn't have holes.

Score: 0

By fewt

posted Oct 4, 2005 - 3:50 PM

Why because a software package completely unrelated to firefox had a flaw?

What sort of scientific evidence is that?

Score: 0

By Metshrine

posted Oct 4, 2005 - 3:24 PM

guess you can say that of ANY software, because no software is truly secure

Score: 0

By THZGryphon

posted Oct 4, 2005 - 8:02 PM

Of course except for "Firefox" the fan-boys would suggest.

Score: 0

By Metshrine

posted Oct 4, 2005 - 8:04 PM

That's already been disproven so I don't have to argue that one :)

Score: 0

By drumcat

posted Oct 4, 2005 - 2:13 PM

Just goes to show that as soon as you attract a crowd, someone will crack it. Until it reaches its critical mass, crackers don't waste their time.

Look at it as a strange validation. Firefox is worth having crackers spend time on it. ;)

Score: 0

By fewt

posted Oct 4, 2005 - 3:12 PM

You didn't even read the first sentence. LOL

Score: 0

By Metshrine

edited Oct 4, 2005 - 3:25 PM

Umm, THIS WASN'T A FIREFOX BROWSER HACK, PLEASE READ THE ARTICLE. THEIR WEBSITE (spreadfirefox.com) was hacked

Score: 0

By Jedite

posted Oct 4, 2005 - 3:46 PM

I think he is referring to the fact that Hackers are taking notice of firefox, and are beginning to attack its websites, and software, given that Firefox has become popular.

If someone somehow was able to hack into support.microsoft.com for example ppl here would be standing outside with torches and pitchforks ready to lash at MS.

Score: 0

By fewt

posted Oct 4, 2005 - 3:51 PM

Doubtful, most of the people that consider themselves hackers (justifiably or otherwise) use Firefox.

I'd venture a guess that it was an MSFT apologist script kiddie that executed a 1337 sploit because he thinks he is cool.

Just my opinion of course.

Score: 0

By moojj

edited Oct 4, 2005 - 9:09 PM

Whether hackers use the software or not does not make it immune to an attack. Sometimes an attack could be done by a group, or an individual, who does not agree with the product or has something to prove. Other times it is a direct attack on the users of the product.

In Firefox's case:

1. It has been hyped as the most secure browser ever. This gives hackers (and wanna-be-hackers) an incentive to find the first (or most dangerous) exploit.

2. Firefox has a large user base, by finding an exploit they can directly attack the users of that product.

3. Some people disagree with the over commercialisation of Firefox.

I'm sure there are many other reasons out there as to why people dislike Firefox or want to attack the software.

At the end of the day, the software itself was not attacked in this situation. If the attackers wanted to prove that Firefox was unsafe they have failed. By attacking the servers that host (or distribute) the software, they are saying "Your software is too hard to attack, so we will do the next best thing... attack your site".

In my opinion, this isn't a direct attack at Firefox. This is an attack on a high profile site, in hopes of getting recognition or boosting the attacker's ego.

Score: 0

By fewt

posted Oct 4, 2005 - 9:22 PM

I can't disagree with that. :-)

Score: 0

By ZenWarrior

posted Oct 4, 2005 - 1:48 PM

S-E-C-U-R-I-T-Y ?

Score: 0

By fewt

posted Oct 4, 2005 - 1:14 PM

These guys need to get their acts together, this is ridiculous.

Score: 0

By PhoenixPath

posted Oct 4, 2005 - 1:41 PM

I'd love to see the stats on how often they are attacked and not disrupted though. I'm sure it's probably quite high.

Score: 0

By fewt

posted Oct 4, 2005 - 3:52 PM

It's not that hard to lock down a website.

Score: 0

By Jose

posted Oct 4, 2005 - 12:39 PM

Maybe if they used Microsoft software they wouldn't have gotten hacked again.

Score: 0

By sophist_dreams

edited Oct 4, 2005 - 2:21 PM

Oh you mean ActiveX? Give me a break.....

This is a copy of an e-mail I received from SpreadFirefox.

"The Spread Firefox Team became aware this week that the server hosting
Spread Firefox, our community marketing site, has been accessed by
unknown remote attackers who attempted to exploit a security
vulnerability in TWiki software installed on the server. The TWiki
software was disabled as soon as we were aware of the attempts to access
SpreadFirefox.com. This exploit was limited to SpreadFirefox.com and
did not affect mozilla.org web sites or Mozilla software.

We have scanned Spread Firefox servers and at this time do not believe
any sensitive data was taken, but as a precautionary measure we have
shut down the site and will be rebuilding the web site from scratch. We
also recommend that you change your Spread Firefox password and the
password of any accounts where you use the same password as your Spread
Firefox account. We will notify you again when the site is back up with
instructions on how to change your password. (Note: We do use MD5
hashing on the passwords, but MD5 cannot protect all passwords against
off-line dictionary style attacks.)

After Spread Firefox was compromised in July, we instituted procedures
to ensure that we apply all security fixes to the software running the
site (Drupal and PHP) as soon as they become available. Unfortunately,
those procedures overlooked the installation of the TWiki software since
it is not used by the main Spread Firefox site. When the system is
rebuilt, all the software will be audited to ensure that security
updates will be applied in a timely manner. We deeply regret this
incident and any inconvenience this may have caused you. Sincerely,

Spread Firefox Team
Mozilla Foundation"

Score: 0

By fewt

posted Oct 4, 2005 - 9:24 PM

Sounds like they are making a good effort towards securing their website, and just overlooked one piece of software. While unfortunate that it was overlooked, it's not uncommon.

Score: 0

By Metshrine

posted Oct 4, 2005 - 2:12 PM

ActiveX and MS software have nothing to do with this hack, this was a third party piece of software which was hacked, not a web server or a browser

Score: 0

By moojj

posted Oct 4, 2005 - 9:13 PM

He wasn't referring directly to ActiveX. He was referring to a product of Microsoft's that is notorious for being unsafe.

Score: 0

By sophist_dreams

posted Oct 4, 2005 - 2:20 PM

I guess you don't recognize sarcasm when you see it.........

Score: 0

By GroovyMojo.com

posted Oct 4, 2005 - 1:35 PM

Hah!

Score: 0