http://www.mtb-direct.co.uk/

Small UK online bike shop, who are involved with the DH race scene, have been taken offline 🙁

I think it’s Col Williams who runs the company.

HiDDen Pain Ownz U

what does that mean?

‘HiDDen Pain’ is a 14 year old script kiddy with a set of hacking instructions who’s managed to delete the site and replace the home page.

Much like the kid who took stw down.

what does that mean?

means they’ve been hacked

It means…

“I used a well known exploit bug (found by somebody else) in your e-commerce software package to take your website offline, as I have erectile disfunction problems and need to compensate for it”

‘Hidden Pain’ is actually Halim Merabet who runs this blog : http://dz-geeks.blogspot.com/

He’s also an Economics student from Batna Uni, according to his Linked-In profile (although all I have is his name, and Batna Uni from his Facebook)

http://www.linkedin.com/pub/halim-merabet/21/922/b0b

means they’ve been hacked

They must know it’s been hacked though, if you’ve found it. Why leave that page up?

They must know it’s been hacked though, if you’ve found it. Why leave that page up?

Perhaps all the access passwords have been changed and they’re trying to deal with it through their hosting company?

Perhaps all the access passwords have been changed and they’re trying to deal with it through their hosting company?

Oh, OK fair enough.

Really don’t get the mentality of this sort of distruction of other peoples work. No better than slashing someones tyres or keying a car imo.

Really don’t get the mentality of this sort of distruction of other peoples work. No better than slashing someones tyres or keying a car imo.

Agreed, at the very least. In fact, it’s more like torching someone’s shop front because I guess this effectively puts mtb-direct out of business for a few days (or more).

And just to make clear, I don’t know that’s why they haven’t cleared the site yet, just a thought as to a possible reason.

I spent my teens working out how girls worked.

Still if it makes their trousers feel tighter, it’ll have been worth it.

Really don’t get the mentality of this sort of distruction of other peoples work. No better than slashing someones tyres or keying a car imo

for people that grew up on the net its a very difrent thing, this guy now has some qdos. He has gained the respect of his peers, he had done the equivalent of doing a double back flip on his bike 🙂 im not saying i think that way but for, a huge section of my generation thats the way it is!

I think a double back flip is hacking the CIA.

This was riding off a kerb…

this guy now has some qdos

But only among other antisocial, underdeveloped shut-ins.

Real people take a more balanced view.

wwaswas plus 1!

This is childs play in comparison to the Anonymous hacktivism.

Anyone used a credit card to buy anything from these? If you do I’d be asking wtf they were doing to make sure the site was secure. We all knows hackers exists, it’s up to people who want to profit from web sales to make sure they do it safely (rather than cheaply).

this guy now has some qdos
But only among other antisocial, underdeveloped shut-ins.

Real people take a more balanced view.
for a lot of people that is the reality of there life, some of my girlfriends friends’ are just like that, like 25 year old virgins how would think this is a real achievement in life. Dont get it my self but its about power or some shit like that. u will find often these people have really good jobs in IT but have no real life out side the net, for them the net is real life.

Somebody post up the telephone number and email for mtb-direct so those who are wanting to keep supporting the guy or are waiting for orders can keep in touch.

Anyone used a credit card to buy anything from these? If you do I’d be asking wtf they were doing to make sure the site was secure. We all knows hackers exists, it’s up to people who want to profit from web sales to make sure they do it safely (rather than cheaply).

On many sites (and I have no knowledge of mtb-direct whatsoever), the storefront and the payment processing are two separate entities. The storefront will be managed by the retailer and payment processing by a third party. The retailer will never have access to the full credit card details.

Address: MTB-Direct
Studio 3, 62 Quarry Clough
Stalybridge
Cheshire
SK15 2RW

Tel/Fax: +44 (0)161 304 0114

Telesales and Customer
Services opening hours:
09:30 – 17:30 (GMT) Mon – Fri

@markie – quite. but if they are providing a link to the payment provider and in fact that link is now pointing elsewhere, they are still culpable.

gwj72 – if the intention of the hack was to gain revenue, they would have simply re-directed the payment processing link to their own system.

The rest of the site would have remained operational as normal..

Interestingly, the website design company who did their site – http://www.kjbis.com – has a very broken webpage (not even a site – just 404s for the images).

Although it’s back now (while I’ve been typing this).

Their clients website – http://www.outlandstone.co.uk/ – seems to be having technical issues too…

All three domains A-Record points towards the same server – 91.192.192.66 – which indicated it’s the server that has been rooted/compromised, not MTB-Direct’s website on it’s own.

KJB Internet Services’ head will be on the block!!

So it looks like it was an insecure + unpatched server which got pwnd.

Further to add to my post…

The IP resolves to Nottingham, and the owner of which is:
inetnum: 91.192.192.0 – 91.192.195.255
netname: COMPUWEB-COMMUNICATIONS

Also known as: http://www.cwcs.co.uk/

Who own a Data Centre in Nottingham, who run dedicated servers.

So my purely theoretical conclusion is: KJB Internet Services rent a dedicated server from CWCS, but don’t have sufficient knowledge to secure it properly…. hence they’ve been taken down.

‘HiDDen Pain’ is a 14 year old script kiddy with a set of hacking instructions who’s managed to delete the site and replace the home page.

Much like the kid who took stw down.

if its that easy, these sites really should have better security…

@xiphon – I know the site is defaced now. But for it to be defaced now it has been running with vulnerabilities present. Whether any data has been compromised or not we don’t know – but they were running with the risk of that rather than mitigating it.

You’ve made too many assumptions there btw. It may have been full patched but had application security issues in just one of the sites. Which may have been code committed by the hosting provider or a.n.other. It’s impossible to speculate without knowing a lot more.

poor, Col, think of the loss of revenue for a small company.. hope it gets sorted all OK and there back up soon.

Just to quell concern before it gets out of hand, everything is in order and Kris is on the case fixing the disruption caused by the hackers.

There is no danger to credit cards and all will be up and running again very soon.

If you want anything off Col & co just call them and im sure they will be more than happy to get you the best deal and have a chat at the same time as usual.