Cheesed off cracker strikes again

An individual claiming to be the malicious cracker who attacked UK government sites last month, has struck again.

The cracker "Herbless" daubed nine department and local government Web pages with anti-smoking slogans last month. This time, the cracker is taking credit for defacing the www.Legoland.co.uk Website.

The site's front page was replaced Friday with a message protesting against the controversial case brought by the Motion Picture Association of America (MPAA) against the creator of DeCSS, a program for de-coding and copying DVD movies. The MPAA recently won a court injunction preventing hacker magazine 2600 from republishing the source code of DeCSS.

The Legoland cracker accuses the MPAA of suppressing freedom of speech and trying to enforce its will on programmers, effectively telling them what they can and can't code. A copy of the DeCSS source was uploaded to Legoland's servers as well as a picture of a spacecraft built out of Lego bricks.

The cracker claimed to have exploited a weakness in the configuration of the SQL server powering the Legoland Web site. The same approach was used to attack the government Web sites in August. The cracker even uploaded to the Legoland server the source code of a program apparently used to exploit this vulnerability to maximum effect.

Legoland issued a statement Monday stating that all sensitive customer information is stored on a separate server and was never vulnerable.

Take me to the Hackers News Special

What do you think? Tell the Mailroom. And read what others have said.