SpreadFirefox.com will be offline for about 10 days, after its second attack in three months.
For the second time in three months, the Mozilla Foundation-sponsored marketing site for the popular Firefox browser was hacked by unknown intruders. This time, a notice on the now-down site says that SpreadFirefox.com won't be up and running again until Oct. 15.
In a message to users, the Spread Firefox team said that hackers broke into its servers using a vulnerability in Twiki -- open-source software for creating a structured Wiki -- which was installed, but not in use, on those servers.
The team didn't believe any sensitive data was hijacked, but to be on the safe side, the site has been taken offline, and is being completely rebuilt. The group also recommended that SpreadFirefox.com registered users change their password once the site is back up.
Spread Firefox was last hacked in July; in that instance, the site was also taken offline, although only for approximately three days.
"After Spread Firefox was compromised in July, we instituted procedures to ensure that we apply all security fixes to the software running the site as soon as they become available," said the Spread Firefox team in its message. "Unfortunately, those procedures overlooked the installation of the TWiki software since it is not used by the main Spread Firefox site. When the system is rebuilt, all the software will be audited to ensure that security updates will be applied in a timely manner. We deeply regret this incident and any inconvenience this may have caused you."
The Spread Firefox team also said that the hack didn't affect the primary Mozilla Web site, or any of the Mozilla software. It was, however, yet one more embarrassment to the open-source organization, which has long touted its Firefox browser as a more secure alterative to Microsoft's Internet Explorer.
As in the July incident, a few anti-Microsoft conspiracy enthusiasts quickly blamed Firefox's rival. One poster, identified only as "tfg," wrote on the mozillaZine blog that "I blame the MS employees seeing the 96% domination of IE dropping to FF! You've just got to hope they're using IE and haven't disabled activex controls, vengeance shall be thine!"
But cooler heads responded. A follow-up comment, posted by "Kelson," noted that "Some people don't care who they attack. Some only care how high-profile the target is. I wouldn't be surprised if these people were Firefox users themselves."
IT's Reputation: What the Data SaysInformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
What The Business Really Thinks Of IT: 3 Hard TruthsThey say perception is reality. If so, many in-house IT departments have reason to worry. InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business views IT's performance in delivering services - and, more important, powering innovation. The news isn't great.
InformationWeek Must Reads Oct. 21, 2014InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.