Harvard Hack Betrays Joomla! Vulnerabilities?

A Harvard website was hacked recently, with 125 MB of records stolen and later uploaded to BitTorrent for peer-to-peer distribution. gsas.harvard.edu was still down at the time this article was researched (it’s back up now).

The site ran its own Joomla! installation. A variety of simple Joomla! exploits have been identified and shared around the web in recent weeks. Most of the claimed vulnerabilities lie in third-party components rather than in the Joomla! core, and amount to SQL injection flaws: a request parameter that the component passes into a database query without validation. It is not yet clear whether the Harvard Graduate School of Arts and Sciences site fell victim to such an attack.

According to Calum McLeod of protection experts Cyber-Ark “the Harvard University hack apparently involves the complete site database — allegedly including hidden system files. If the University had used a data encryption system on its most sensitive files, then this systematic site hack would probably not have occurred.”

Although the methods employed by the hacker are not yet known, one popular hackers’ board lists exploits for no fewer than 14 Joomla! components (URL on request), all of which have appeared since the beginning of this month (February 2008). Components cited as vulnerable include Galeria, Quiz, NeoGallery and a range of other com_ components. Every listed vulnerability is an SQL injection: either a crafted injection string for a specific parameter, or a remote SQL injection technique against the component.
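To make the pattern behind those component advisories concrete, here is an added example (not code from the article, from Joomla!, or from any of the components named above). Joomla! components are PHP, but the example is written in Python against an in-memory SQLite database so it runs offline: a gallery lookup that concatenates the request’s `id` parameter into the query sits beside a hardened version that casts the parameter to an integer and binds it. The table names, rows, the `com_gallery`-style parameter and the UNION payload are all constructed for the example and do not describe any real site.

```python
import sqlite3

# Constructed schema and data standing in for a Joomla! site database.
# The jos_ prefix is Joomla!'s default table prefix; the rows are made up.
SCHEMA = """
CREATE TABLE jos_gallery (id INTEGER PRIMARY KEY, title TEXT);
CREATE TABLE jos_users   (id INTEGER PRIMARY KEY, username TEXT, password TEXT);
INSERT INTO jos_gallery VALUES (1, 'Campus photos'), (2, 'Commencement');
INSERT INTO jos_users   VALUES (62, 'admin',  'constructed-hash-1'),
                               (63, 'editor', 'constructed-hash-2');
"""


def open_db():
    """Return a fresh in-memory database loaded with the constructed data."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def gallery_by_id_vulnerable(conn, raw_id):
    """The flaw pattern from the advisories: the request parameter
    (think ?option=com_gallery&id=...) is concatenated straight into SQL."""
    sql = "SELECT id, title FROM jos_gallery WHERE id=" + raw_id
    return conn.execute(sql).fetchall()


def gallery_by_id_hardened(conn, raw_id):
    """Cast the parameter to an integer and bind it as a query parameter.
    A non-numeric payload is rejected before it ever reaches the database."""
    try:
        gallery_id = int(raw_id)
    except ValueError:
        return None  # caller should answer 400/404, not run a query
    sql = "SELECT id, title FROM jos_gallery WHERE id=?"
    return conn.execute(sql, (gallery_id,)).fetchall()


# Constructed payload of the kind published for such components: a UNION
# that appends username/password pairs from the users table to the result.
PAYLOAD = "1 UNION SELECT username, password FROM jos_users"


def run_demo():
    """Run both lookups and return what each gives back for comparison."""
    conn = open_db()
    return {
        "leaked": gallery_by_id_vulnerable(conn, PAYLOAD),  # users table rows appear
        "blocked": gallery_by_id_hardened(conn, PAYLOAD),   # None: payload rejected
        "normal": gallery_by_id_hardened(conn, "1"),        # [(1, 'Campus photos')]
    }


if __name__ == "__main__":
    result = run_demo()
    print("vulnerable lookup with payload:", result["leaked"])
    print("hardened lookup with payload:  ", result["blocked"])
    print("hardened lookup with id=1:     ", result["normal"])
```

The vulnerable function returns the gallery row plus every username and password hash from `jos_users`, which is how a single unvalidated parameter in one component can hand over a site’s whole user table; the hardened one never runs the query at all when the parameter is not an integer. Joomla! sites of the period were usually on MySQL rather than SQLite, but the concatenation flaw and the integer-cast-plus-bind fix are the same on either.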
