hacked [solved]

Daniel Sperl on August 25, 2011

Hi folks,

some of you might have had an unpleasant surprise on their last visit of the Sparrow-Framework pages. They were welcomed not with a cute, innocent, little bird - but with this serious looking security guy:

The security warning some users saw around 2011-08-25

You can imagine how thrilled I was at his appearance!

Well, the fact is: he was right. Some bad, unfriendly criminal (reportedly he was unshaved and rather fat - not a pretty view!) used a vulnerability in one of our scripts to insert some bad code into our web page.

Being a very cautious person, I’m always keeping the server software up-to-date, and the bad script was already fixed a few days ago. However, it seems that I was a little too late - the intruder had already exploited the vulnerability. However, we found the change he made and removed that code. It will take a while, though, until our domain is removed from Google’s blacklist.

Now, the important part: was this dangerous for our visitors? Fear not, I haven’t heard from any actual harm being done. Most malware does not work on up-to-date browsers and operating systems anyway (and are targeting Windows, while most of you will be running OS X).

So, all I can do now is apologize for the inconveniences this might have caused. We’ll do our best to avoid attacks like that in the future - but as we just learned, there’s no guarantee for anything; not even for our small chicken. Ehm. Sparrow. ;-)

EDIT (2011-08-26): Heureka, Google removed us from the blacklist! The warning page has gone.