
I didn't take a screenshot, but I can confirm there was a message. Viewing my browser history, it apparently linked to this page: http://ubuntuforums.org/signaturepics/Sput.html

The top was a splash image that linked to this twitter account: https://twitter.com/Sputn1k_

Below was some text (scraped from Chrome's history database):

    Shoutout to @rootinabox.

    None of this "y3w g0t haxd by albani4 c3bir 4rmy" stuff.
    Straight up, you dun goofed. It's as simple as that.

@rootinabox linked to this page: http://wedtm.com/blog/2013/07/11/cubeworldforum-dot-org/


A few weeks back cubeworldforum.org was hacked (the forum referenced in that blog post) due to an administrator having their password compromised. The hacker replaced the index with a page with music and whatnot. From @Sputn1k on Twitter it looks like he's the guy that hacked cubeworldforum.org too[1], so the wedtm.com link that @rootinabox went to is probably him just copying HTML he used last time and forgetting to correct the href.

[1] https://twitter.com/Sputn1k_/status/354362220727111681


God damnit, script kiddies like this really piss me off. I hope that Twitter has some sort of IP logging for logins so that they can at least start to attempt to catch this guy. He broke the law, and he should be charged as such.


I've been amused more than anything at the number of script kiddies that take to Twitter to brag about their activities. They're painting a big fat target on the backs of their heads, convinced that they will never slip up and leak packets. Granted, if they truly are careful they won't get caught -- at least not because of their Twitter bragging. It just seems like an absolutely pointless risk to be taking.


I see this response in reference to how he may have done it:

---

@Sputn1k_ @CubeWorldForum It's a fairly easy "hack". You set your forum avatar to a remote site that actually serves up a meta redirect.

---


You set your forum avatar to a remote site that actually serves up a meta redirect.

That's... interesting. Like a PHP-generated image containing a redirect header, or a referrer check set up in .htaccess? I didn't know images were hackable like that, beyond just sending an alternative image for nonexistent referrers?

If anyone needed a good argument against blindly hotlinking to other sites' content I guess this would be it.
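
An added example, not part of the thread or of any forum software's code: one way a forum could vet a remote avatar before caching it locally rather than hotlinking it. It assumes the server has already fetched the URL with redirect-following disabled; the function name, reason strings and sample responses are constructed for illustration.

```python
import re

# Magic-byte prefixes for the image types accepted as avatars.
IMAGE_MAGIC = {
    "image/png": (b"\x89PNG\r\n\x1a\n",),
    "image/jpeg": (b"\xff\xd8\xff",),
    "image/gif": (b"GIF87a", b"GIF89a"),
}
# An HTML meta refresh tag hiding in a body that claims to be an image.
META_REFRESH = re.compile(rb"<meta[^>]+http-equiv\s*=\s*[\"']?refresh", re.I)


def check_avatar_response(status, headers, body):
    """Return (ok, reason) for a fetched avatar response (hypothetical helper)."""
    hdrs = {k.lower(): v for k, v in headers.items()}
    # HTTP-level redirects: 3xx status, Location header, or Refresh header.
    if 300 <= status < 400 or "location" in hdrs:
        return False, "http-redirect"
    if "refresh" in hdrs:
        return False, "refresh-header"
    if status != 200:
        return False, "bad-status"
    ctype = hdrs.get("content-type", "").split(";")[0].strip().lower()
    if ctype not in IMAGE_MAGIC:
        return False, "content-type-not-image"
    # The declared type is not trusted: the bytes must match it.
    if not body.startswith(IMAGE_MAGIC[ctype]):
        if META_REFRESH.search(body[:4096]):
            return False, "html-meta-refresh"
        return False, "magic-mismatch"
    return True, "ok"


# Constructed sample responses (not captured from any real site).
PNG_BODY = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
HTML_BODY = b'<html><head><meta http-equiv="refresh" content="0;url=http://example.invalid/"></head></html>'

if __name__ == "__main__":
    print(check_avatar_response(200, {"Content-Type": "image/png"}, PNG_BODY))
    print(check_avatar_response(200, {"Content-Type": "image/gif"}, HTML_BODY))
    print(check_avatar_response(302, {"Location": "http://example.invalid/"}, b""))
```

Only a response that passes would be stored and served from the forum's own origin, so later changes on the remote host never reach visitors.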



