Your web site not working is a real downer—I know from experience. However, I’ve never had one hacked yet in all the years I’ve had web sites, both my own, non-profit and business sites. Being hacked has got to be worse than being down because not only are not serving your readers, you’re embarrassed and you have to figure out how to clean it up.
Here’s a screen shot (click to enlarge) of the hacked CCP web site, and I would caution folks against visiting a known hacked web site. I visited this one with a special device I use for such things.
When the actual page is viewed “techno punk” music is played and the band of multi-colored text scrolls with shout-outs to other hackers. The style reminds me of Eastern European graphics demo software from the 1980’s. In Unix/Linux notation, “\.KEHED_NEWBIE” would designate a hidden file in the root directory. I doubt that this is an Obot production, but just an opportunistic hacking.
If you Google “I’m sorry Admin Touch” or “KEHED_NEWBIE” you will find of other web sites compromised in a similar way. It looks like this particular attack is directed at sites using the Content Management System (CMS), Joomla. One site noted about Joomla:
It’s probably the only CMS with the most exploits and vulnerable addons ever made, and sometimes I wonder who creates all these.
My guess is that the MCSOCCP site didn’t keep up to date with its security patches.
Previous MCSOCCP web site stories:
The CCP site is back up.
Other articles on Joomla: