The Sun newspaper, has suffered a hacker attack.
The LulzSec attack on News International’s systems to redirect readers from the Sun to a fake story, and to try to get at its internal email store, appears to have been two-pronged.
Monday night’s hack of the Sun occurred because one of the hackers found a weakness in a “retired” server for the News International “microsites” – used for small or unimportant stories – running Sun’s Solaris operating system.
The hacker used that and then ran a “local file inclusion” program to gain access to the server – meaning they had extensive control over it.
That then gave them access across large parts of the News International network, possibly including the archived emails, and to the Sun’s “content management system” (CMS) – which formats news onto pages. That will have included the code for the “breaking news” element of the Sun’s main webpage; changing the entire content on the page would be too obvious.
Initially they made it redirect to a fake page they had created at new-times.co.uk/sun which attempted to look and read like a Sun story claiming that Rupert Murdoch had been found dead. That page used a template of another story that first appeared on 14 July, suggesting that the hackers either grabbed an archived story or have had access since then.
After the team at News International tried to regain control, the hackers then redirected the main News International page to the Twitter page for LulzSec.
The Sun newspaper, the sister publication of the recently extinguished News of the World, has suffered a hacker attack.In what is even more bad news for Rupert Murdoch’s stable of newspapers, already dogged by the phone hacking scandal, the LulzSec hacking gang appears to have breached security on the website of The Sun, Britain’s best-selling newspaper.
Video advice by SophosLab: