New Zealand Herald Website Hit by Hackers
29th Aug 2007
The New Zealand Herald website fell victim to hackers today. A page on the Nzherald.co.nz website was replaced by hackers publicizing their upcoming Kiwicon security conference.
According to Stuff.co.nz website, Web developer Dylan Reeve of Bunker Media in Auckland says the hackers used an XSS, or cross-site scripting, bug to display their own content.
"After the page loads, the XSS bug is used to inject Javascript [a type of web-page programming language] that rewrites the article."
The spoof doesn't work in Internet Explorer 7, but Firefox 2.0 displays the bogus page, Reeve says.
The real page loads when accessed with Internet Explorer 6 too.
"Everything you see in the page is created in the user's web browser," Reeve adds. Nothing on the Herald server has been changed."
source: stuff.co.nz
 |
Email this article to a friend |
 |
Print this article |
 |
Return to Latest Articles |
Leave a comment
