Last nights hack attack against The Daily Blog

By   /   September 25, 2013  /   50 Comments

TDB recommends Voyager - Unlimited internet @home as fast as you can get

The sophistication of the attack and a couple of tell tale signatures during the hack for us suggest something more insidious and serious than a disgruntled member of the public.

Last night, just after about 7pm, The Daily Blog was subject to an extremely sophisticated hack attack that directed people away from the blog to a gambling site.

This attack occurred a couple of hours after we blogged about Seeby Woodhouse being subjected to questions when entering America and re-entering NZ and a day after we hosted and live-streamed a public meeting against the TICS Bill.

The sophistication of the attack, and a couple of tell tale signatures during the hack, for us, suggest something more insidious and serious than a disgruntled member of the public.

Luckily Selwyn was able to save everything and move us to a more secure position.

I would hate to think this is our tax dollars at work.

***
Want to support this work? Donate today
***
Follow us on Twitter & Facebook
***

50 Comments

  1. phil says:

    Nasty! could mean you said something too close to home for someone?

  2. Rosie Rosie says:

    Jeepers! You’ve been Uncle Scrimmed!

    http://en.wikipedia.org/wiki/Colin_Scrimgeour

    This is getting kind of freaky, especially after what Seeby Woodhouse had to say on Monday night about his experiences with both US and NZ customs. Some one or some thing is getting scared of the ordinary people eh?

    Kia Kaha.

  3. crone says:

    Take it as a sign of success – you are pissing off someone who thinks they are top of the heap. Give yourself a cigar and a pat on the back. Well done TDB!

  4. yeah it happens..someone trying to utilize your traffic for there gain.
    any kind of lock.. only keeps the honest people out…my sites got hacked awhile ago..it sucks..you could try running your site from a mirror like this site http://www.advertisingfree.co.nz/

  5. TheContrarian says:

    It happens, sites are hacked all the time and they can be very sophisticated. Do you really think insidious members of some higher power (I am assuming you mean the NZ govt.) are specifically trying to shut you down for running a left-wing blog?

  6. So what are these so called “tell tale signatures” which you mention without providing any detail or evidence?

    Regardless, it’s almost certain that your site was just attacked by one of the thousands of bots that continuously search for and attack all WordPress sites. I administer hundreds of WordPress sites and the hack attempts are pretty much constant.

  7. Christian says:

    You guys are funny – you get hacked so it must be the government? What a joke. Autotrader has been hacked three times in the past year, must have said something against the National government, obviously…

  8. midgetkiwi says:

    Maybe you should ask the GCSB to have a look into it, cyber terrorism like this must be in their expansive jurisdiction along with everything else. With all their omniscient know-how, surely finding the culprits would be a couple of hours easy work for them, may as well get them to do something useful

  9. Rob says:

    Why would the gummint send your traffic to a gambling site? Do you think perhaps that it might have been scammers trying to scam people, earning money thru interwebs, as is their want.

    I dunno, occams razor and all that…..

  10. yeah have you run a virus scan on your site..sites getting hacked is real common. all sites that run a certain version of joomla and wordpress have been hack..and sites will continue to be hacked.

  11. fambo says:

    Whoever was the hacker, the fact is that this government’s behaviour has been so incidious that those opposed to it who are completely sane, rational people, consider it quite possible that it could be involved in such an attack. Basically, during the term of this government, a lot of people’s perception of it is that rather than working for New Zealanders, it is actually working against their interests.

    • Gosman says:

      Or possibly people are not acting in a sane and rational manner over a very common occurance…

    • Jean Devanny says:

      Exactly Fambo, the JK govt are so quite plainly acting under orders, why else behave against the interests of our economic well being. This is happening all over the globe though so is not surprising. Note recent polls in US 68% of its citizens disagree with the general direction of their equally dictatorial rulers. Time for solidarity, definitely a good time to have friends. It appears that it is threatening commercial interests that gets a retaliation. They don’t care about political comment, they assume noone is interested and sadly may be right for many people. That has been my experience. But mention uncomfortable truths relating to petro chemical, arms dealers, TPP futures or bio security scandals, anti democratic surveillance, health risks of industrial agricultural practise and wait to be got at….big money attached and very nasty retaliations can happen and not just online either.

  12. Kate Kate says:

    If you have read 1984, no one can meet together in groups, so no way of over throwing the oppressor. So it isn’t so crazy that the nutty power hungry government we have wouldn’t think to shut this down. Sounds crazy but crazy stuff is happening all the time to do with spying. I was thinking about the guys who popped the spy balls before the Snowden information came out, those guys don’t seem so crazy now we all know what they are actually used for. It is a crazy world! What happened to those guys? Last I heard one was billed a zillion dollars for damages…

  13. Te Rangikaiwhiria Kemara says:

    I doubt it was a highly sophisticated or targeted (disgruntled ) attack. Attacks against WordPress, Joomla where code is injected that installs malware, shellcode, and redirects to other sites are just too common, go ask osCommerce users in 2011 of whom a few million websites in a few months suffered exactly the same type of attacks.

  14. Toe Natura says:

    The consistent tell tale evidence is that it always happens when the truth discloses the not so truth about the current government. It’s attack on free speech..

  15. TheContrarian says:

    Well there has been no further comment on these ‘tell-tale signatures’.
    Wordpress gets hacked all the time and I can’t imagine A) Why you’d get “shut-down” while The Standard runs strong nor B) why any government would redirect you to a gambling site. Sounds like a typical hack to me.

    • The Daily Blog Martyn Bradbury says:

      Oh. My. Living. Christ. An anonymous poster whose calling card is pedantic point scoring isn’t happy that we haven’t provided answers to something we know to be true. Goodness, how will I sleep tonight.

      The hack was sophisticated, we have had attacks in the past, but nothing like what we saw last night.

      Convincing you Contrarian comes very low on my list of things to do tonight.

      • TheContrarian says:

        What is it you know to be true? You know who the hacker was or where they came from? Who was it and how do you know, sounds intriguing and I am sure everyone will be interested to know too.

      • TheContrarian says:

        Asking someone to substantiate a claim now comes under ‘pedantic point scoring’?

        You’re a lying shill martyn.

        • The Daily Blog Martyn Bradbury says:

          Fascinating. Your first post was all lightness and sweetness and honey, and then when you didn’t get your way, out pops the venomous version.

          That would be fun to live with.

          Good to know, and yes, it is intriguing.

          • Whilst referring to you as a “lying shill” isn’t very helpful, I also think referring to TheContrarian’s question as “pedantic point scoring” ignores that there’s a serious question being asked here: “Why assume this was a specific hack against the Daily Blog rather than just another automated hack which we know happen to other sites on a regular basis?

            Claiming that asking that kind of question is “point scoring” rather than addressing the concern, which is “So, what’s the evidence this was a specific hack?” makes it look as if you are the one engaging in point scoring, by linking what might just be an automated, non-specific hack to your laudable campaigning against the GCSB Bill. After all, if you have evidence this was a specific hack, why not share it and embarrass the relevant parties?

            As it stands, without specific evidence to hand, the rest of us have to ask “What’s more likely: a targeted attack or a non-specific automated one?” Given we know non-specific automated hacks occur all the time, in the absence of evidence to the contrary, it just looks more likely you were hacked by a bot which wasn’t sent by the Establishment.

            • The Daily Blog Martyn Bradbury says:

              Great use of italics. Matthew you are one of my most vile detractors on twitter, so why would I give a flying toss what you have to think?

              We know what happened, we watched it in real time. Having to prove myself to people like you and contrarian is very low on my set of priorities.

              • I see. Playing the ad hominem card rather than addressing the question. Great way to stifle debate on your platform, Martyn.

                • The Daily Blog Martyn Bradbury says:

                  GRIN – Your online bullying of me is one entire ad hominem attack – but now you want an answer from me you pull that card?

                  You are priceless. We stand by our comments on the hack.

                  • Danyl Strype says:

                    Hey Bomber, I’ve never attacked you on social media or elsewhere. On this point, I agree with theContrarian and Matthew. Please explain what gives you the impression that the hacking of theDailyBlog was intentional. Without this information, it’s very hard to take the claim seriously.

                    • The Daily Blog Martyn Bradbury says:

                      Kia ora Danyl, I am far less interested in ‘being taken seriously’ by detractors than I am in not allowing those who hacked us to know how we countered it and the security we’ve installed to ensure it doesn’t happen again.

              • Lyndon Hood says:

                Very bold response to the formatting there, which really strikes to the heart of his point.

              • Bomber, you fail to appreciate that Dr Dentith is in charge of Truth and Reason on Internet and has the power to Demand an Explanation. You must also understand that the conclusion he reaches through his limited knowledge of the facts is more more important than your experience. Apparently he is going to talk about you on his radio segment.

                • The Daily Blog Martyn Bradbury says:

                  He has a radio show? I honestly have no idea who he is, other than that he bags me religiously online. We watched this happen in real time and we have seen the technical report of what happened, it was a sophisticated attack and we have our suspicions and I stand by that.

    • Jenny says:

      Why you’d get “shut-down” while The Standard runs strong

      THECONTRARIAN

      The Standard is a far more centrist, (read conservative) site than this one.

  16. MrJolly says:

    To Toe Natura, the tell tale evidence is that its a CMS that runs behind this website that is probably loaded with plugins. Attacks were probably aimed at one of them, site security compromised, joins the ranks of a thousand others in the same time period by the same mass attack servers, not aimed at websites they politically oppose but aimed at CMS they can compromise because its security is crap.

    I can tell that some of you want this to be some sort of noble stand against the system that wants to stifle free speech and even dissent, but the more you push this line the more your credibility goes down the toilet with you.

    • The Daily Blog Martyn Bradbury says:

      I stand by Selwyn Manning’s analysis of the attack, and seeing as he is the one who had to deal with it, I will trust his call over yours. As for …

      I can tell that some of you want this to be some sort of noble stand against the system that wants to stifle free speech and even dissent, but the more you push this line the more your credibility goes down the toilet with you.

      If this short comment …

      The sophistication of the attack, and a couple of tell tale signatures during the hack, for us, suggest something more insidious and serious than a disgruntled member of the public.

      …means my credibility has gone down the toilet, I’d suggest you are projecting an internal wish than any genuine criticism.

  17. Countryboy says:

    It’s my fault . I wrote a letter to the Queen about how we’re be colonized by corporations via deals brokered by our very own and nothing’s been the same ever since . All my socks are odd , my mail only contains threats , the cat shits exactly where I need to weed , the wind only blows on days when I need to feel the joy and freedom of an open kitchen door , my ex girlfriend looks gorgeous , I have a pimple on the very end of my trunk-like nose and during a lurching , drunken midnight stagger to the toilet I fell over my dog sleeping in the hallway which she never usually does then I stood on a three pin plug ( You ever did that ? It’s really , really painful ) then I chanced it and peed in the dark and missed completely , so I found the next morning .

    TDB had better realize that there are great forces at work and your grave danger is in becoming fashionable .

    It’s not rocket surgery . ( I love that expression )

    TDB and Tumeke are the only avenues of expression for the Thinker and the Brave Communicator . Think about it ? Who else offers such an opportunity to have a wonderfully free avenue for expression ? I can rant and rave . I can fuck this and cunt that and I still get posted here . It’s extraordinary ! Every day , there’s cause célèbre ! If Tumeke / The Daily Blog goes away I’m getting neutered and lobotomized . No more need for balls or brains in Nu Zild Co Ltd .

  18. Gosman says:

    You haven’t been lobotomised already???

    • Jeremy says:

      I like the way CB thinks and acts independently. It indicates he has not been lobotomised. I have trouble inferring this from your posts Gosman.

      • Gosman says:

        Yeah, writing to the Queen about the situation in NZ and asking her to do something about it is entirely rational.

        • Jeremy says:

          Pray tell, what else is the Queen for?

          • Gosman says:

            If you think she shoild be actively engaged in politics you have missed the last 400 years of British and NZ History.

            • Jeremy says:

              Um, No that would be you putting words in my mouth.
              We have established however something we can agree on; that the Queen is a Figurehead.
              Does it not worry you or cause concern that our Government has, in the Queens name, introduced legislation which is leading us towards a totalitarian state?
              And does it not look just the slightest bit suspicious that arguably the leading New Zealand based website to oppose this legislation has been the target of a ‘hack’?

  19. Countryboy says:

    @ Gosman . Hahaa a ! You’re so cute . x

  20. Win says:

    probably hacked by YKW. Minimising the impact of it and making fun of it is usually a sign. Typical 2nd step in the process.

  21. AceMcWicked says:

    I reckon it was Don Brash. Someone taught him how to use a computer and he’s gone hog wild.

  22. Does anyone recall which site TDB got redirected to?

  23. I should point out that I’m asking about the redirect because Selwyn doesn’t recall the site URL and I have a forensic analyst willing to have a gander at the gambling site to see if it tells us anything interesting.

  24. […] the middle of last week, Martyn Bradbury of The Daily Blog wrote a post which […]



Authorised by Martyn Bradbury, The Editor, TheDailyBlog, 5 Victoria St East/Queen St, CBD, Auckland, New Zealand.