Crackers broke into Earthlink Web servers this morning and replaced the front pages of many (all?) of their customers’ Web sites with this message:
One of my clients is hosted by Earthlink and was compromised. I’ve got everything back up and running, but the tech support folks at Earthlink seem completely confused and can’t tell me what’s happened, beyond the fact that many customers were affected, so I’m not confident the breach has been fixed.
If you know anyone hosted at Earthlink, tell them to check their Web site to be sure they’ve not been owned. And hails out to the W32-Gen crew for pointing out those security holes.