TechCrunch, one of the world’s top blogs, has been hacked.
At approximately 6:20am GMT the site was replaced with this message, linking to a site containing links to adult and pirated material:
As far as we can tell at this point, the site was not infected with malware. If that is confirmed then we should all be grateful, as TechCrunch is tremendously popular with those interested in technology.
At the time of writing the website appears to be, at least partially, back under the control of its technical staff who have replaced the site with one tiny message saying: “We’ll be back soon”.
Presumably the team want to double-check that their systems are now properly secured before bringing the entire site back online.
There’s no such time as a ‘good time’ to be hacked of course, but one can only imagine that today is a better day for TechCrunch to be hacked than tomorrow. That’s when the site will be expecting a large amount of traffic as millions of people around the world look for information about the new iSlate/iPad/iTablet/iDontKnowWhatItWillBeCalled due to be announced by Apple.
This hack is a salutary warning to all website owners that everyone has to be on their guard against hacking, whether your site is big or small. We don’t yet know how the TechCrunch hack happened, but feel free to reacquaint yourself with this technical paper from SophosLabs: “Securing websites”.
Update 9:15am GMT: The message on the TechCrunch site now reads “Earlier tonight techcrunch.com was compromised by a security exploit. We’re working to identify the exploit and will bring the site back online shortly.”
Update 10:05am GMT: TechCrunch appears to be back up-and-running again.
Update 11:15am GMT: TechCrunch has posted a story on its website about the hack, promising to share more information later about how it was hacked.