Firefox promo site taken down by hackers
CNET News.com
SpreadFirefox.com, the marketing Web site for the open-source Firefox Web browser, has been hacked again and is expected to be offline until later this month.
The cyber break-in was discovered this week, according to a notice sent on Tuesday by the Spread Firefox team to registered users of the Web site. The breach was limited to SpreadFirefox.com and did not affect the main Mozilla.org Web site or Mozilla software, according to the emailed message.
The server that hosts the Spread Firefox Web site was compromised by attackers who attempted to exploit a security vulnerability in TWiki, according to the notice. TWiki is open-source software for the collaborative authoring of online pages called 'wikis'.
This is the second time that SpreadFirefox.com has been hacked via a flaw in software used to run the Web site. In July, the marketing site was compromised by attackers who exploited an unpatched security hole in PHP. The Drupal content management system used by SpreadFirefox.com is written in the PHP scripting language.
After the July attack, Mozilla instituted procedures to ensure that it would not overlook any more security fixes. "Unfortunately, those procedures overlooked the installation of the TWiki software, since it is not used by the main Spread Firefox site," the Spread Firefox team said in its notice.
The Firefox marketing Web site has been taken offline and will be rebuilt from scratch, according to the email. "When the system is rebuilt, all the software will be audited to ensure that security updates will be applied in a timely manner," the team wrote.
The latest attack likely did not expose any user information, according to the email. Still, people should change their password when the site comes back online, the team suggested. SpreadFirefox.com should be back online around 15 October, according to a notice on the site.
The hack is an additional embarrassment to Mozilla, which has emphasised security as a main selling point for its Firefox Web browser.
SpreadFirefox.com is the online Firefox marketing hub. Mozilla has successfully used the site to mobilise volunteers to popularise the browser through free marketing techniques such as Web site buttons and by collecting money for an ad in The New York Times.
More about Software
- Obama in sex video shocker? Oh wait, it's just spam September 11, 2008
- No black holes from Large Hadron Collider, say scientists September 10, 2008
- Michael Moore to premiere film online September 05, 2008
- Images: Touring Google's Chrome browser September 05, 2008
- Extensions promised for Chrome September 04, 2008
7.7
7
8.5
- Ferrari California: Sometimes roofless, never toothless
- LG unveils the LG-KP500: Keeps veiled all useful info
- LG 50PG6900: 50-inch plasma goodness with built-in Freeview+
- Photos: Chevy Volt electrifies Paris Motor Show
- Photos: Paris Motor Show 2008 concept cars
- Hands-on with the Nokia 5800 XpressMusic touchscreen phone
- Microsoft CEO Ballmer: Zune for Windows Mobile
- 'Oops I'm Late' app covers for you
- YouTube upgrade: Better uploader, 10x the file size
- Opinion: Why Yahoo Buzz will benefit Digg
- Living the D:Ream: Let's rename the Large Hadron Collider
- The 50 most significant moments of Internet history
- Google Android: Beyond the mobile phone
- Google to show UK religious group's anti-abortion ads
- Norton AntiVirus 2009: First Norton not to suck?
- Seismometer and Movies: Our favourite new iPhone apps
- Best of the forums this week: Why Earth hasn't imploded
- Hands-on with iTunes 8 Genius: Einstein with dementia?
- Apple iTunes 8: Just add Genius
- New Zunes: Buying songs from radio and more
- RealDVD: DVD ripping goes legal
