« Mystery web infection grows, but cause remains elusive | Main | Same Site Scripting Paper Released »

RIAA SQL Injected, website deleted

The RIAA website was apparently vulnerable to a SQL Injection vulnerability and had it's website deleted.

"It’s a weekend, and a holiday weekend to boot, so the site might stay this way for some time. Someone apparently used SQL injection to wipe, and we do mean wipe, the website of the Recording Industry Association of America (RIAA) clean of content. (In case they’ve fixed the site, click the empty “Who We Are” statement above to see what their homepage looked like at the time of this writing.)

Since the RIAA is usually chasing after pirates of copyrighted and copy-protected material, call it … well, call it what you will.

It started on Reddit, where a link to a really slow SQL query was posted. The post said “This link runs a slooow SQL query on the RIAA’s server. Don’t click it; that would be wrong.”

Of course, no one listened to that tongue-in-cheek warning. While some users were messing around changing links to point the Pirate Bay (below), for example, someone allegedly wiped the site’s entire database."

Article Link: http://www.realtechnews.com/posts/5287
Reddit Comment: http://reddit.com/info/660oo/comments/


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!