RIAA website hacked by SQL injection

Nothing makes a peer-to-peer user more happy than website of RIAA hacked by an unknown script kiddie. That’s exactly what happened 2 or 3 days ago, when Reddit (http://reddit.com/info/660oo/comments/c02xyz8) published an extremely long SQL code which almost shut down the whole RIAA server. Meanwhile, another people tried the weakenesses in the code and discovered a way to display and alter the whole SQL database. As a result, RIAA’s Press Releases section showed a link to ThePirateBay instead of any content for some time.



There were more errors and security bugs in their presentation, for example an XSS bug which can be used to steal cookies and information. After 2 days, RIAA finally completely fixed the vulnerabilities and the website seems to be protected now. Anyway, this issue just shown this bloody organization is full of legal actions and lawsuing, but they somehow forget to secure their website. Besides, who wouldn’t want a TPB logo at their site?