What Lurks in the Theme Forest?
Theme Forest, Hacked’s own theme provider and a popular destination for both designers and site administrators worldwide, is currently down (as it has been quite often recently).
The site was also down on July 1st creating dashboard problems for different websites around the world. Their response was posted here which is also unreachable at the moment: http://themeforest.net/forums/thread/intermittent-site-outages/183714
What’s Going On?
With a normal DDoS attack, the server would be totally unavailable.
This, however, is a typical error page that normally means a file cannot be located or the user does not have permission to view it. This indicates a problem in something higher level than the server instance, more likely something to do with the content management system. It does not exclusively mean that, as the browser could be just getting bounced to alternatives which don’t have the files at all. Also, server outages have caused more than just content problems, as automatic updating on some themes had to be disabled at the consumer level.
In essence, anything at all could be happening, but bad communication on the part of Theme Forest and a slow response to resolve the problem (on a permanent basis) lead a clever hacker to wonder – are they vulnerable or already owned?
Featured image from Shutterstock.