Digital Constitution turned to crapshoot by hackers

Microsoft's Digital Constitution website, established to challenge policies and activities by governments around surveillance, has been hacked.

The site was hacked last week by an unknown party who flooded the site with ads and links to online casinos.

Built on a WordPress platform, the site may have fallen victim to an unpatched security vulnerability.

Graham Cluley wrote on his blog that he is a fan of the site which is doing a very good thing by protecting the privacy of others from over-reaching governments.

He speculated that the attackers – whose sole motive appeared to be to fill the site with links and possibly jack up their web ranking – were not even aware of the contents of the site and that it was just one of many subjected to the spam attack.

He said: “Hopefully there should be no threat of any sensitive data being stolen from the web servers, but clearly Microsoft dodged a bullet as it would have been just as easy for the attackers to embed malicious links or exploit code designed to infect visiting computers.”

The site was originally running WordPress 4.0.5 but after the attack, it was quickly upgraded to 4.2.2.