Next to DJ Tiesto’s loud image on Wet Republic’s website sits a photo of a bikini model with a beard and an eye patch, with a simple message: “It’s all out war.”
Not exactly the type of message you’d expect from a spot that advertises itself as a dance club that doubles as a pool party, but when hackers are in town for Defcon, everything seems to be fair game.
The hacker convention, which is in its 25th year in Las Vegas, typically has hotels on alert for its three days of Sin City talk, demos and mischief. Guests are encouraged not to pick up any flash drives lying around, and employees are trained to be wary of social engineering — that is, bad guys pretending to be someone innocent and in need of just a little help. Small acts of vandalism pop up around town.
At Caesars Palace, where Defcon is happening, the casino’s UPS store told guests it was not accepting any print requests from USB drives or links, and only printing from email attachments. Hackers who saw this laughed, considering that emails are hardly immune from malware.
But the message is clear: During these next few days, hackers are going to have their fun, whether it’s through a compromised Wi-Fi network or an open-to-mischief website.
Wet Republic’s site had two images vandalized, both for the “Hot 100” party with DJ Shift. The digital graffiti popped up early Friday morning, less than 24 hours after Defcon kicked off.
MGM Grand, the hotel that hosts Wet Republic, did not respond to requests for comment.
The second of the images showed another bikini model, now with devil horns and a tooth blacked out. It’s not just Wet Republic’s website that was hit with the vandalism, as the same image has been plastered on Galavantier, a Las Vegas travel agency which promotes nightlife.
Since that photo was on a calendar event for May 5, it’s likely the vandalism came from a server exploit to replace a single image that multiple websites use, and not on the websites themselves.
So even if the hack was only within the last 24 hours, all websites that hosted the image would have the vandalized picture instead of the original. The altered image was uploaded through WordPress and an Amazon server, and replaced the original photo, which was uploaded in February, according to the metadata.
There is an exploit that allows a remote attacker to upload any image to a WordPress photo gallery, without any verification, according to Rapid7. Considering the free reign the vandals had, “all out war” seems pretty tame.
It’s unclear who’s behind the attack.
CNET Magazine: Check out a sample of the stories in CNET’s newsstand edition.
It’s Complicated: This is dating in the age of apps. Having fun yet? These stories get to the heart of the matter.