Imageshack hacked.

[Will_NA]

Check any image you uploaded via imageshack and there's a hacker's message on it. These people have feck all better to do...

 

[iridescentt]

You mean this ?

From another forum:

They are saying they decided to hack imageshack to bring attention to some security flaw which they allege was allowed to exist by security software providers fully disclosing the weakness. I do know the word "Script Kiddies" means inexperienced punks who often literally copy/paste code--IE the opposite of a true hacker who knows how a system works to find a weakness. I guess these guys are saying even some amateurs could do serious damage.

Their argument is that by providing full-disclosure, the security companies are actually making the problem worse and using it all as a marketing ploy to increase sales of their products. They claim that if the security companies were to keep the knowledge of these vulnerabilities under their hat, the attacks would be less severe, and it would rob them of one of their greatest marketing tools, so the companies ultimately are publicizing the information to boost sales.

Jackasses from 4chan .....

 

[Cricketdude]

Is it the black blackround with writing?

 

[Gurjot95]

Who uses imageshack? Use tinypic, it uploads images very fast but imageshack can be used for thumnails though.

 

[Pranav]

Who uses imageshack?

They are millions of users using imageshack. It doesn't mean that if you don't use it, no one does.

On topic : It seems to be working fine for me.

 

[Insomniac]

They have a point to make, and they've done that.

It is an interesting point they bring up though, and they are spot on about what they're saying.

Of course, the method is a little questionable.

 

[iridescentt]

Apparently YFrog has been affected as well.

For those who still don't understand their aim, read on:

Anti-Sec = Anti –Security. It’s essentially a renegade group seeking to hijack computers in order to spread their virulent message. If you use the image-sharing host ImageShack, you may have seen the image at right if you tried to log on last night. Apparently, ImageShack was hacked by the guys calling themselves the Anti-Sec Movement. These same hackers were also able to send emails to ImageShack users using the contacts that ImageShack itself uses to communicate with its users.

In order to understand the Anti-Sec Movement, and their actions, it’s imperative to understand their philosophy.

Do some hackers hijack our computers in order to sell us security software? The Anti-Sec folks would answer affirmatively. It’s akin to those commercials where a young girl or young mother is at home at night, and some bushy-haired stranger, or otherwise menacing-looking dude is breaking a window to get in, then – cut to the home security ad. Well, what if those same home security systems, using a sort of capitalistic subterfuge, really sent bushy-haired strangers out at night to break our home windows, thereby scaring us into buying their security product?

Sounds ludicrous, I know, but the idea that the security industry is, in fact, doing that is not new, and the cyberspace is abuzz with the debate of "full disclosure": is it right? Is it wrong? Is it merely a form of capatilistic chicanery gone amok? (More on that in a minute.) The idea here – or the allegation -- is essentially the same. Or at least that’s some of the Anti-Sec hyperbole flying around in cyberspace.

Here’s the deal: Anti-Sec guys are apparently wholly against the idea of “full disclosure.” What’s that, you ask? According to the rogue group, it’s the security industry practice of making publicly available all security vulnerabilities in order to, as in the example above, enrich itself by selling yet more security software, firewalls, ad nauseum. But, so the gripe by Anti-Sec goes, by making public this security vulnerability information, “genuine” hackers can use it to further their malicious ways, thereby causing all us grief and to, well, buy more security and anti-virus software. It’d be like the United States government publishing top secret security vulnerabilities at nuclear power plants, thereby practically forcing us to buy their nuclear-proof spacesuits. That’s a far-fetched analogy, but you get the gist.

So the Anti-Sec Movement proposes – indeed, they promise -- to hack any and all such alleged perpetrators with its perceived impunity, ostensibly in order to stop the perps from “full disclosure.”
Following is a part of the Anti-Sec message (link withheld):

Check list / Goals:
Take down every public forum, group, or website that helps in promoting exploits and tools or have show-off sections.
Publish exploits rigged with /bin/rm to whitehats, let them rm their own boxes for you.
Spread the anti-security movement.

-----[ Rules of Engagement:
Don't get too cocky.
Don't underestimate anyone.
Also:
F**k full-disclosure
~ F**k the security industry
~ Keep 0days private
~ Hack everyone you can and then hack some more
Blend in.
Get trusted.
Trust no one.
Own everyone.
Disclose nothing.
Destroy everything.
Take back the scene.
Never sell out, never surrender.
Get in as anonymous, Leave with no trace.

So is it coming to town? If you use the image-sharing ImageShack, yes, or at least it did last night. Or how about Twitter? (Breached in January 2009, though not by Anti-Sec.) Or MySpace? The Anti-Sec Movement hasn’t breached all these social media forums, but I wouldn’t be surprised if they tried. According to their virulent weltanschauung, it appears the ends justify the means.
CyberLaw is a very interesting area in that it does not have the benefit of hindsight as common law generally does. It’s essentially unchartered territory, and legislators will have to propose new legislation to deal with “new” crimes. After all, if it’s not on the books, it’s not a crime, so to speak. Common terms we now bandy about, like cyber terrorist, hacker (which, by the way, wasn't an originally negative term), etc, were unheard of in the not-too-distant past. And who knows what new crimes the hackers will dream up next?

During my investigation, it appears the Anti-Sec Movement posted a plethora of YouTube videos – all of them posted within the last 8 or 9 hours, some with instructions on how to hack ImageShack. Now the videos appear with a message stating something like “You Tube removed this video due to copyright issues … “

By the way, at the end of the manifesto posted by the Anti-Sec Movement on ImageShack, it reads “No images were harmed in the making of this … image,” suggesting that users’ actual images are safe … somewhere. For the time being.

Interesting is it not.