dc wales1

There have been red faces at upstanding Conservative Party HQ after a website meant to embarrass Gordon Brown was hacked to redirect visitors to hardcore porn.

The Cash Gordon site started life as a way of publicising the Prime Minister’s alleged links to unions currently in an increasingly bitter dispute with airline, British Airways, but poor security seems to have allowed the hackers in. As well as sending people to porn, visitors accessing the site for an extended period would be sent to the Labour Party website.

Given that no criminal would be remotely interested in visitors to a right-of-centre political website, the certainty is that the hack was opportunistic and prankish. Real criminals would also redirect visitors to sites capable of infecting them with malware.

The site has now been patched up and put back online.

It is not clear why security was so ignored by its creators, who failed to foresee the effect of allowing users to include links to third-party websites and dedicated code in posts to the site. The site also captured any message from Twitter that used the hashtag ‘#cashgordon’ regardless of whether the post was sympathetic or not. A mass Twitter attack is not hard to imagine.

Labour Party officials won’t view the hacking event with much enthusiasm. The Cash Gordon site will now probably received more traffic than it would have had it not been hacked.

The hacking of political websites by adversaries is now an established genre of web defacement but is still a small event next to the sometimes serious nuisance of real websites hacked for directly criminal purposes.

One high-profile celebrity, ex-hacker Kevin Mitnick, was hacked so often by pranksters that his hosting provider asked him to quit its services.