Feed on Posts or Comments | Font Size: Decrease Font Size Increase Font Size 25 April 2024

Filed under: Defacements, Hacktivism, Personal Opinions, Security News
posted by D1m on 22 Feb 2007 06:49 pm

High-Profiled Websites Getting Hacked And Defaced

Everyday, the security of many high-profiled governmental, military, educational and corporate websites, is broken into by crackers who deface them. Although some defacers protest against wars and other just send greets to their cyberdudes, I believe that their true motive is to get to the top of the lead in “special” defacements. The defacers don’t want to admit this as the real reason for their attacks.


Zone-H.org has listed the following reasons in the “Attacks Notification” page:

- As a challenge
- Heh…just for fun!
- I just want to be the best defacer
- Not available
- Patriotism
- Political reasons
- Revenge against that website

Here is a list of notable hand picked defacements – archived in Zone-H.org:

US Governmental:

http://dbreports.lanl.gov Win 2003
http://learnlinc.oph.dhh.louisiana.gov Win 2000
http://elbertcounty-co.gov/events.asp Win 2000
http://gis.sedgwick.gov Win 2003
http://gis2.sedgwick.gov Win 2003
http://azdps.gov/inf4z.htm Win 2000
http://csdr-cde.ca.gov/nhst.htm Win 2003
http://join.cio.ca.gov/data/d7j.htm FreeBSD

https://restricted.gov.ca.gov/briefings/files/d7j.htm

http://appointments.ca.gov/3D.htm

Famous dot-coms:

http://flightpak.paramount.com Win 2000
http://vassiebel.volvo.com Win 2003
http://ecommercesuite.usbank.com Win 2003
http://panasonickorea.com Linux
http://beta.cmt.msn.com Win 2003

Famous dot-nets:

http://self.wind.it.net/ownz.htm SolarisSunOS
http://korea.net Win 2000

Most defacers of the above websites originate from Turkey, Brazil and Iran.

The sysadmins of insecure webservers and the developers of insecure web applications are mostly responsible for the cracking incidents. It appears to me that the crackers don’t have a specific target.

What they do most of the times, is to use a Netcraft and a Google website list generator. After they import the list into a scanner and scan thousands of websites for possible SQL injections, PHP inclusions, directory traversals, information leaks and other security vulnerabilities. There have been many cases of crackers using social engineering techniques, such as pretexting and phishing, in order to grant access priviledges to confidential information.

Screenshot of a Turkish Googler generating a list of *.gov/s (Click on thumbnail to view it):

Turkish Googler

Comments (2)

2 Responses to “High-Profiled Websites Getting Hacked And Defaced”

  1. on 25 Apr 2009 at 5:03 pm 1.john said …

    f word!

  2. on 07 Jan 2011 at 8:33 am 2.Misha Priewe said …

    Rule of the post: Stay the efforts out of it

Trackback This Post | Subscribe to the comments through RSS Feed

Leave a Comment