CBE Classic Hacked

Quick Hitter: CBE Classic Tournament Website was Hacked

Georgia will be in the CBE Classic Tournament in November.  The CBE Classic’s website was hacked and is currently peddling prescription drugs.

It is rare to use the Georgia Basketball Blog Twitter account as a source, but this is an unusual story.  Every page one can access on the CBE Classic site has been turned into a spammy drug-peddling page.

Hopefully, the webmasters at the CBE Classic can find a way to fix this problem and harden their security.  Several things could have caused this, including SQL injection, someone cracking into the Joomla admin, or exploitation of cross-site scripting vulnerabilities.

This article will not link to the CBE Classic website, so that readers do not visit a site that has been hacked.  Linking to it would be incredibly irresponsible.

The matchups have yet to be determined, but Georgia will join George Washington (NIT Champion), Kansas (Big XII powerhouse/blue blood) and UAB in this tournament based out of the Sprint Center in Kansas City, Missouri.

Back to the hacking issue:

There’s a great website called Builtwith.com that reports what went into a website’s development, including any plugins it uses.  It is a very useful tool for webmasters, publishers and developers who want to emulate another website’s build in some fashion.

Disturbingly, there are no security/firewall plugins present.  It is possible that they use an IP that sits behind a Cloud Proxy Firewall, but this does not appear likely.  An IT security audit is very necessary, especially for a site that enables people to purchase event tickets.  It is unknown what is going on behind the scenes, but they have to fix this issue before people can feel comfortable making a transaction.

Let this be a lesson to everyone with a website:  getting a firewall and keeping it up to date is critical.  Plugins like Wordfence and cloud proxy services like Sucuri are recommended.  Make sure you do not have XSS vulnerabilities either.