First – SpyKidz is a group that meet on IRC – efnet Brazil – and you can find them in #spykidz

I’m 23 and have followed your work with HTMLarea for a long time, updating my own private CMS with your amazing WYSIWYG editor (very very nice …). I’ve been developing sites for years, own my own web hosting company and host all of my clients.

Over a year ago, I woke up to my phone ringing off the hook – every site on my server had been ‘0wned’ apparently. I found out about the zone-h trophy list, spykids and all of this junk.

I’m so sorry to hear that this happened to you  — the .log problem actually screwed up my server as it corrupted several necessary Linux files and I lost my ability to SSH into my machine. I hired help, who couldn’t fix it and still charged. The problem cost me over $500!!!!

Oh –

And I tracked down the ‘spykid’ who cracked my sites. He’s 14 and lives in Brazil. I explained to him that I was part of a cracking group – Damaged Cybernetics, when I was 16 – 18, how I’d been involved in the beginnings of the emulation ‘scene’ when it was a group of open source developers who all hung out on IRC, and how I totally know what being a script kiddy and hanging out on IRC is – I know what being bored is like.

The server was hacked 4 times and we didn’t know how to solve it by the way – my hosting provider, who I was and am still on personal terms with couldn’t figure out how to patch it – I sought help – finally I switched to 1&1 Internet and haven’t had the problem since – maybe their RedHat 9 servers came with a patched copy of Apache? Maybe the newer versions of PLESK Control Panel come with patched copies of Apache 2?

Your unfortunate situation really really really hit home and I feel for you. I had 80 sites go out on me – 4 times in the same two weeks. And part of the problem was that zone-h.org posted the exploit, so another group came along and posted profanity.

Just wanted to share with you!

Anyway who hacked it? Should be proud of this new comer hackers. Malaysian hackers. Go Go Go…!!!

:p