Hacker Redirects Barack Obama's site to hillaryclinton.com
21st April, 2008
A security weakness in Barack Obama's website has been exploited to redirect visitors to Hillary Clinton's website. Visitors who viewed the Community Blogs section of the site were instead presented with Clinton's website as a result of a cross-site scripting vulnerability.
Barack Obama's visitors were redirected to this site.
A user named Mox, from Liverpool, IL, posted an apparent confession in the Community Blogs section on the Barack Obama website yesterday. The subject of the post was, "I am the one who "hacked" Obamas site."
A YouTube clip from zennie62 demonstrates the attack. The clip shows a user clicking on the Community Blogs section of the Barack Obama site, which subsequently causes the browser to redirect to hillaryclinton.com. The author speculates that "Senator Clinton's staffers possibly hired someone to hack into the Barack Obama website system." No evidence is offered to back up this statement.
Another vulnerability found on the Barack Obama site.
While Mox states that the original issue has now been fixed, a number of similar vulnerabilities have since been identified and remain unfixed, and are documented on xssed.com, which notes that such vulnerabilities open up opportunities to infect Obama's supporters and site visitors with malware, adware and spyware.