Inter-mediates' sites hacked and down
Done and dusted
2nd Update We received word that Inter-mediates' vast network of sites had been hacked and were down. The company, most commonly known for its Special Reserve discount store network confirmed there had been "external interference" but declined to comment on whether it was a denial of service attack or a hack.
It looks pretty much like a server hack to us since every site run by Inter-mediates is down. And that's quite a few. A spokesman told us: "Yes they are all down and we don't want to put them back up until we're sure it's safe." He said they hoped to be up and running in the next hour or few hours. He was unwilling to speculate on the reason behind the hack. And we've no idea either.
Among the sites affected are specialreserve.net, ukcomputing, ukgames, ukxbox, ukpokeman, ukn64, ukadvance, ukcdrom, gameaday, plonkers, 1press, upwire (all com and co.uk) - the list just goes on and on.
We'll try to find out why Inter-mediates has been targeted and get back to you.
A reader has sent us a message from the daily radar forum concerning the hacked sites. The message reads: "SpecialReserve.net and all of there domains hosted on there box were 0wned by do0do0 and -V. Some say (mainly the media) that all we do is rm -rf systems when we get access, that all we want to do is cause damage to the systems...this is done to learn and to show the world that no one is secure.. my boy yt showed this and is currently mia.. who will be next? GForce Pakistan? Again, they showed the
world that no one is secure with the .gov and nasa domains they have defaced to get across there message. We think the media don't know what rm -rf is :)
Nothing else to say accept that do0do0 and -V will live on.. Our fans / our haters don't have to worry about that :-)"
It's now about five hours later and Inter-mediate still hasn't managed to get any of its sites up. This looks like a big hacking job. Instead, the same message on a white page has been put up on all the sites. As ever, it has gone for the euphemism "major upgrade".
This is the message: "Special Reserve, GetDotted and Freeola would like to apologise for the unavailability of our web sites at present. We are currently performing a major upgrade to our systems and expect to be back on-line later this afternoon. Special Reserve's Sales Lines are open now on 0870 725 9999 for orders and customer service."
We have also been contacted by Inter-mediates. Its Internet Director said the sites will be up by early evening, and wanted to stress that no customer data had been compromised in the hack.
Security Watch has also got hold of the hacker posting. Have a look here.
The end: Inter-mediates' got all its sites back up at 6.30pm. The company denied that its data had been erased and said the delay was due to caution. The hack was from a group of non-malicious hackers, but
Inter-mediates said it wanted to find the security hole, patch it and make sure there weren't any booby traps, backdoors etc before they put it back online.
On searching for a reason behind the hack, we were given some interesting insider knowledge. One reader put the blame on financial pressure on the company, causing your usual inter-personal unpleasantries. Another pointed out that the company's ISP, Freeola, has recently switched on an authentication system. Apparently, one didn't exist before and had been
subsequently abused. Perhaps people didn't like seeing their easy access removed.
The real reason behind the hack stems from the continuing activity of a range of hacking groups (whose efforts you can find at attrition.org). Part bravado, part an effort to make security issues better known, the groups target sites apparently at random or after a tip-off of a security weakness. As Inter-mediates' Internet director said when we asked if he thought there was a specific motive behind the attack: "No, I think we were just unlucky to be picked." ®
Sponsored: Global DDoS threat landscape report