Posted: Tue Aug 08, 2006 10:38 pm 
Joomla! Fledgling

Joined: Fri Jan 20, 2006 1:14 am
Posts: 2
Location: New York
Joe Lieberman's campaign site, e-mail hacked

The site http://www.joe2006.com is still down, almost 36 hours now and smack during the primary vote.
Looking at the source code in the google cache of the site, it was built upon Joomla!.

It would be interesting to learn what security hole was exploited - whether it was the host, an add-in, or the Joomla! core.


Posted: Tue Aug 08, 2006 10:55 pm
Joomla! Apprentice

Joined: Tue Aug 01, 2006 3:48 am
Posts: 40
It may not have been any of them, but early signs point to it being a simple exploit.

See http://www.msnbc.msn.com/id/14245779/ for MSNBC's take (and to show that I'm not just speaking out of my rear, I'm quoted in the story, more of a nod, but I helped the reporter do the research to figure out what happened).


Posted: Tue Aug 08, 2006 11:17 pm
Joomla! Fledgling

Joined: Fri Jan 20, 2006 1:14 am
Posts: 2
Location: New York
Thanks cambler. 

I see the MSNBC article was updated in the past 15 minutes. Many more details now, and a few changed facts too.

But no answers yet.  It'll still be interesting to see what happened. 


Posted: Wed Aug 09, 2006 12:18 am 
Well, you know what they say: bad publicity is better than no publicity, right?

Quote:
But Christopher Ambler, Chief Software Strategist at Internet domain registrar eNom, Inc., said 70 Web sites on a single server is actually a modest amount.


Very impressive. You are right, you do not sound like someone who speaks out of any odd body parts. Take good care of us, Chris!
Amy


Posted: Wed Aug 09, 2006 12:30 am
Joomla! Master

Joined: Fri Aug 12, 2005 12:38 am
Posts: 10748
Location: Sydney - Australia
http://edition.cnn.com/2006/POLITICS/08 ... index.html Implied it was a DOS of sorts. Any really large, traffic-wise website will want far less than 69 other sites on the same server... probably these guys were not prepared for the traffic, on top of the DOS

_________________
Brad Baker - Follow me on Twitter @xyzulu @rochenhost
http://www.rochen.com - Joomla! Hosting, the correct way.
http://www.joomlatutorials.com <-- Joomla Help
..somewhere in this hospital the anguished oink of a pig man cries out for help..


Posted: Wed Aug 09, 2006 12:53 am
Joomla! Apprentice

Joined: Tue Aug 01, 2006 3:48 am
Posts: 40
brad wrote:
http://edition.cnn.com/2006/POLITICS/08 ... index.html Implied it was a DOS of sorts. Any really large, traffic-wise website will want far less than 69 other sites on the same server... probably these guys were not prepared for the traffic, on top of the DOS


Without speaking with authority, as I'm not prepared to do that, let me state that I do not believe that it was a DoS attack, and I have some good reasons to believe that. I suspect, indeed I'm reasonably sure, that there will be more information made public over the next few days.


Posted: Wed Aug 09, 2006 7:56 am
Joomla! Virtuoso

Joined: Fri Aug 12, 2005 7:19 am
Posts: 4471
Location: Leeds, UK
From the site

"UPDATE ON THE ATTACK ON THE LIEBERMAN CAMPAIGN WEBSITE

STATEMENT FROM SEAN SMITH: "For the past 24 hours the Friends for Joe Lieberman's website and email has been totally disrupted and disabled, we believe that this is the result of a coordinated attack by our political opponents. The campaign has notified the US Attorney and the Connecticut Chief State's Attorney and the campaign will be filing a formal complaint reflecting our concerns. The campaign has also notified the State Attorney General Dick Blumenthal for his review."

"We call on Ned Lamont to make an unqualified statement denouncing this kind of dirty campaign trick and to demand whoever is responsible to cease and desist immediately. Any attempt to suppress voter participation and undermine the voting process on Election Day is deplorable and has no place in our democracy."


Posted: Wed Aug 09, 2006 10:01 am
Joomla! Champion

Joined: Thu Aug 18, 2005 8:43 pm
Posts: 5678
Location: New York
Apparently they were using ext_calendar.

_________________
Read your words before posting and think about how other people will read them.
Be polite. Be kind. Be constructive. Say thank you.
Freedom-Equality-Trust-Community-Collaboration-Usability
http://opensourcematters.org/index.php?Itemid=134


Posted: Wed Aug 09, 2006 12:47 pm 
Well spotted with ExtCalendar

They also have another Joomla site still running at http://www.meetned.com


Posted: Thu Aug 10, 2006 1:47 am
Joomla! Enthusiast

Joined: Wed Aug 17, 2005 10:26 pm
Posts: 217
Location: Brisbane, Australia
Just a wee bit crazy and paranoid for them to claim their political opponents are responsible, even when they're also using joomla :P

I guess that's American politics ;)

_________________
  . _  _ . _ . _
  || || ||| ||| |
. ||-||- ||- || |
|_|| || |||_|||_|
  http://jaribio.com


Posted: Thu Aug 10, 2006 2:33 am
Joomla! Enthusiast

Joined: Sat Sep 24, 2005 5:47 pm
Posts: 221
idigital wrote:
Just a wee bit crazy and paranoid for them to claim their political opponents are responsible, even when they're also using joomla :P

I guess that's American politics ;)



Actually the Lieberman site is running both Joomla apps., the other site is a negative ad campaign against his opponent.


Posted: Thu Aug 10, 2006 2:56 am
Joomla! Enthusiast

Joined: Wed Aug 17, 2005 10:26 pm
Posts: 217
Location: Brisbane, Australia
Heh, well that's even more wacky!  ;D

_________________
  . _  _ . _ . _
  || || ||| ||| |
. ||-||- ||- || |
|_|| || |||_|||_|
  http://jaribio.com


Posted: Thu Aug 10, 2006 3:01 am
Joomla! Explorer

Joined: Fri Sep 02, 2005 10:34 pm
Posts: 311
Location: Olympia, WA
LOL you'd think they would at least change the meta tags those noobs! or common install opensef so it wasn't so obvious hahaha oh so amusing. oh when will they ever learn seo/sef...

:laugh:

_________________
http://www.joomlaenvy.com - a personal project offering free joomla templates :)

http://www.malljoomla.com - a place where anyone can Sell their Joomla templates or components
-PM if you have questions


Posted: Thu Aug 10, 2006 3:05 am
Joomla! Apprentice

Joined: Tue Aug 01, 2006 3:48 am
Posts: 40
egiex wrote:
LOL you'd think they would at least change the meta tags those noobs! or common install opensef so it wasn't so obvious hahaha oh so amusing. oh when will they ever learn seo/sef...

:laugh:


Why? What do they care? It's a web site to get out a political message to the masses who don't know what meta tags are. Most political campaigns have their tech done by volunteers who either don't know to make these changes or don't care - often both.


Posted: Thu Aug 10, 2006 3:30 am 
In the state of Connecticut, an important, closely contested primary is underway. For those of you who do not live in the United States, a primary election is one in which the people of both major parties elect the candidate they want to represent them in the General Election held in November.

This particular race is considered to be one of the most important primaries. It will speak not only to the State of Connecticut, but also to the United States as a whole, and many believe the result will speak more broadly to the world.

The Joe2006.com website serves Senator Lieberman's message he wants available to others. At this time, the people in that state should be able to access information made available to them to help each of them reach this very important decision.

Joomla! was entrusted as the content management system to manage and share Senator Lieberman's message with the people he serves. That is quite an honor for us and it is more than a little bit sobering and extremely horrifying that something we do not yet understand is preventing access to this important information.

I cannot even hope for what might be the problem. Nearly every possible conclusion leaves me deeply saddened.


Posted: Thu Aug 10, 2006 4:45 am
Joomla! Guru

Joined: Tue Jun 06, 2006 7:41 am
Posts: 805
Location: Third planet from Sol
Well, there's one very good thing came out of Lieberman's war-inflamed tailspin. I discovered a very nice JavaScript countdown function on his smear site, which turns out to be free (as in freedom). You can find the original at http://www.hashemian.com/tools/javascript-countdown.htm.

I think I may wrap it inside a Joomla! module so we can all practice counting down. Why let Lieberman have all the fun!

_________________
CommunityGrove: http://www.communitygrove.com
CommunityGrove Support http://support.educationgrove.com


Posted: Tue Aug 15, 2006 1:04 am
Joomla! Enthusiast

Joined: Fri Sep 02, 2005 4:29 pm
Posts: 109
Here's some more stuff:

http://abcnews.go.com/Technology/ZDM/story?id=2311556

The skinny

"

An attack on the campaign Web site of US Senator Joseph Lieberman in the final days of his primary campaign generated a lot of news. There are indications that the attack was based on a vulnerability in a Web site CMS (Content Management System) called Joomla.

Joomla is a PHP-based program forked off from a different system called Mambo. Serious vulnerabilities in PHP and PHP-based programs have been legion in the last year or two, including a few with severe outbreaks among public Web sites. Joomla just had a major security update for a highly critical bug.

This one might have flown under the radar had it not hit the Senator's site on the eve of his primary defeat. The Zone-H Web site speculates on the actual mechanism used to attack the site. And an ABC News piece quotes respected security expert Richard M. Smith as saying (and I have to agree) that the Lieberman campaign seems to have gone on the cheap for their hosting, to a friend of a campaign member.

"

_________________
dreary query begone

