update Boing Boing has suffered a serious defacement in a suspected SQL injection attack that left a vile image and YouTube video scrawled across its home page.
(Screenshot by Darren Pauli/ZDNet Australia)
Site administrators pulled the popular US website offline soon after the attack this afternoon.
A tweet from Boing Boing's official account joked about the hack as a failed redesign.
"Boing Boing's latest redesign a failure, web experts say," the tweet read.
The hacker used the alias The|One.
Chris Gatford, director for penetration testing firm HackLabs, said the site administrators will need to reassess the site's security.
"Incident response is key," Gatford said.
"They can't trust networked boxes, and might not know what has been compromised."
A rebuild could be necessary even if the site was subjected to a simple defacement attack.
Boing Boing was back online as of 5pm AEDST.
Updated at 5:10pm, 28 October 2010: added information on the current availability of the site. Altered the story to reflect that the tweet from the Boing Boing account was making a redesign joke.