Hackers infiltrated PBS’s website to post a fake story that rapper Tupac Shakur is alive and well, apparently as a rather bizarre act of retribution for a news item about Wikileaks.
“Prominent rapper Tupac has been found alive and well in a small resort in New Zealand, locals report,” the story (cached) begins. “The small town – unnamed due to security risks – allegedly housed Tupac and Biggie Smalls (another rapper) for several years.”
A group called LulzSec – which also claimed responsibility for the recent SonyMusic attack – has said it carried out the hack.
LulzSec took exception to the portrayal of Bradley Manning in PBS’s Frontline news program. “We just finished watching WikiSecrets and were less than impressed,” the group says.
As well as injecting pages into the PBS site, the group posted usernames and hashed passwords for the database administrators and users – as well as the logins of all PBS local affiliates, including their plain text passwords.
“There was absolutely no skill involved in this attack, as it used freely available tools to exploit the databases,” says Sophos security expert Chester Wisniewski.
“The attackers represent nothing more than what many historically thought of as hackers: people creating chaos with no other purpose than gaining fame, irrespective of the damage caused.”
The story remained live on the site for about an hour before it was taken down.