I think I just got trolled.

Some ‘hacker’ attempted to append scripts to Destructoid’s comments. Fortunately for its users, the comments have been sanitized and the script injection rendered harmless. It looks like Destructoid has fixed the injection for new comments, but they still need to clean up the existing ones and check out their database for other ‘destructive’ activities.

If you’re a member of Destructoid or have used your Facebook account to make comments, I would highly suggest that you change your password for both accounts, along with the email account you used to sign up for these services.

Server Error
The server encountered a temporary error and could not complete your request.

Please try again in 30 seconds.

http://blog.dreasgrech.com/2010/07/stealing-login-details-with-google.html

Safety mode has hidden comments for this video. Show hidden comments

Now it gives a “Safety Mode” warning, but the hacked comments still appear.

And another refresh gave me an even better defacement…

Cain & Abel is a password recovery tool for Microsoft operating systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.
Changes in this version:

• Added Abel64.exe and Abel64.dll to support hashes extraction on x64 operating systems.
• Added x64 operating systems support in NTLM hashes Dumper, MS-CACHE hashes Dumper, LSA Secrets Dumper, Wireless Password Decoder, Credential Manager Password Decoder, DialUp Password Decoder.
• Added Windows Live Mail (Windows 7) Password Decoder for POP3, IMAP, NNTP, SMTP and LDAP accounts.
• Fixed a bug of RSA SecurID Calculator within XML import function.
• Executables rebuilt with Visual Studio 2008.

via Cain & Abel 4.9.32 released.

The order, issued Wednesday by U.S. District Court Judge James Ware in the northern district of California, also requires Google to disclose the Gmail account holder’s identity and contact information. The Gmail user hasn’t been accused of any wrongdoing.

The ruling stems from a monumental error by the Wilson, Wyo.-based Rocky Mountain Bank. On Aug. 12, the bank mistakenly sent names, addresses, social security numbers and loan information of more than 1,300 customers to a Gmail address. When the bank realized the problem, it sent a message to that same address asking the recipient to contact the bank and destroy the file without opening it. No one responded, so the bank contacted Google to ask for information about the account holder.

In keeping with its privacy policy, Google told the bank it would have to get a court order to obtain such data. The bank then filed papers asking a court to order Google to disclose the information and deactivate the account.

via MediaPost Publications Judge Orders Google To Deactivate User’s Gmail Account 09/25/2009.