Google Blogoscoped

Sunday, July 31, 2005

Google’s Blogger Hacked?

Dirson reports the “Blogger Developers Network”, a blog where Google’s Blogger team publishes projects related to their blogging tool, has been cracked. According to the hacker who left a message, anyone who is invited into the blog can obtain admin status, and then change the template or delete posts.

Here is the full text of the original three posts by the hacker nick-named “Hamster”, in chronological order (as still shown on Bloglines):

1st post
 By Hamster

hello. welcome to this blog. hope we can keep in touch through this blog~”


Please note
 By Hamster

All members of this blog = admin, = you can change stuff around here, change the template, delete posts not your own, pls make some +ve [sic] changes to this blog, this post will be deleted soon after everyone has joined the blogging team. anyone nothing better to do please change add tagboard..or whatever...and of”


Read this 1st
 By Hamster

If you are reading this then you = blogging noob, follow instructions. go create your blogging account
check your email, look for the invitation to this blog and join as a member. once you join you can post on this blog, and edit the blog as you wish, please wait for some member with admin
privileges to change your member status from normal to admin too, meanwhile, post some **** like this.”

At the moment, the defacement – see Dirson’s screenshot – has been removed; the blog now returns a “File not found” message. If the reports are accurate, this would mean other blogs at are vulnerable too (or if Google acted very fast, were vulnerable).

Update: Blogger informed me that this wasn’t a malicious hack attempt nor a bug affecting all users. Instead, it was due to the blog’s dual addresses, “” and “”.


Blog  |  Forum     more >> Archive | Feed | Google's blogs | About


This site unofficially covers Google™ and more with some rights reserved. Join our forum!