RPS Rock Paper Shotgun Hacked Yet Again
Without surprise, Rock Paper Shotgun aka RPS the popular smart ass (quite literally) UK based Word Press gaming blog site with a huge following has been hacked and all details (usernames/passwords) have been compromised since their opportunistic traffic publicity stunt to join the the SOPA/PIPA blackout last week jumping on the bandwagon. One thing’s for sure, they have certainly as they wished they would be been blacked out just in a different way. However traffic is their sole goal though, so they’re probably pretty happy irregardless of user security concerns.
Honestly, I’ll admit, that we at Opreal Gaming should have probably posted this article a couple of weeks ago or contacted RPS out of courtesy because that’s when the hack first came to our attention through discussion on the RPS forums and a couple other sources which we will not mention here to preserve respected insider sources. Despite all this coupled with obvious signs of denied negation of compromise (despite it being pretty clear they had been rooted) we still chose not to claim such unfounded suspicious. We apologize for that, but to be honest we just didn’t care that much and at the time we weren’t willing to risk announcements which may make them look bad purely based off of suspicions.
The fact remains, clearly RPS were scared to announce it considering how they were busy routinely mocking and pulling in substantial traffic based off of simply reporting in a smart ass manner that similar Word Press sites had been comprised just like they had, for months if not years on end. At the time, despite even as a mere reader it may have been painfully obvious to us that something was off, we still trusted RPS would actually be professional enough to speak up and not wait so long before voicing their suspicions or alerting their users without specific details, despite it obviously being none of our business. Nevertheless the fact is they didn’t, presumably for the preservation of their negligible advertising revenue and smart ass know it all positions we have come to love. Fair dues chaps.
Instead though, apparently they thought they could buy themselves some time and be some sort of security experts in their own right (also fair enough can’t fault them for that as most of us small understaffed sites would potentially attempt the same) and investigate it further, but as we all know there is no such venue unless you really know what you are looking for and are willing to just shut everything down for the duration of the investigation. RPS is apparently not willing to go to such lengths to get the bottom line, and chances are their site despite being back online based off of a recent backup copy and restored database, likely still has a backdoor which either they do not even understand compromised their Word Press install in the first place, or are simply not bothered to take the time to investigate. Currently what seems most important to RPS is apparently simply being “online” and trying to generate some ad revenue. At least for all RPS fans out there who can’t live without the wise cracks you can be happy they’re not taking any downtime in any serious fashion to investigate and are already back at posting up on their daily RPS gaming word press blog.
Honestly though I can only admit (as will surely be the case with this site as most others), that it was only a matter of time before such a compromise happened as it had already in the past (you know who you are) despite not being notified of it, either they have too much advertising revenue at stake or someone have a target on them or perhaps more plausible yet it seems there are some obvious Word Press 3.3.1 holes rolling around out there beyond the mainstream and some peeps are simply having fun? I won’t argue with that. Even though it’s likely not the case because RPS hadn’t updated their Word Press for months and were using an older version. Nevertheless, such popular PHP web site blogging and cms apps can only obviously hold security issues as will all software, and where the eyeballs land the vulnerabilities are found and Opreal Gaming is likely next. C’est la vie! It’s only a matter of time but yet again before you hack this site, unless you are an automated bot who cannot read and react to this, I do suggest you contact the admins, I think you’d be surprised at the response, support and insight you may get before simply resorting to blacking out. Nevertheless, the fact of the matter remains that this same story continues to repeat itself as everywhere else on the Web.
Usernames and passwords online, indeed potentially a total bitch to deal with! A better solution though is hopefully on its way even though it may bring many of the same issues along with it. Happy hacking!