Was time for the website defacers to hit the music industry! Yesterday, visitors of the BritneySpears.de website could read “XTech Inc Onwed the Music Industry… and the rest of it ” at the top of the home page. It appears to me though, that they just did it for fun and not for any serious reason.

Apparently it was hosted in the same webserver with other official german websites of Sony BMG entertainment.

The attackers exploited a web application vulnerability – probably php inclusion – in order to get access to the Solaris 9/10 webserver.

Continue Reading »

Since I read the news about the recent defacement of the digital attacks archive Zone-H.org, many people have commented on how “professional” the Saudi Arabian defacers were. I strongly disagree… They were very “unprofessional” kids.

Just one confused kid who praises the devil – Devil Hacker – with his fellow pal Unix Web. Both from Jeddah in Saudi Arabia.

Students with too much time on their hands. They proved that they can use a basic backdoor, change the DNS and use the exploits that come together with some security advisories.

Continue Reading »

US government websites are under the spotlight of muslim cracking groups who protest against USA – this is what they claim as an attack reason. Since the 2nd of January, 17 US governmental websites were defaced, from which 9 were defaced by means of SQL injection.

What seems obvious to me – after viewing most of those defacements on the Zone-H digital attacks archive – is that their motives are not fully justified. Most of these crackers – better say “script kiddies” – are using publicly available exploits for known vulnerabilities, and by applying logic on how to use them, they succeed in the end at gaining access on webservers.

The fact that the attacked webservers belong to the US government, doesn’t necessarily mean that there is adequate security implemented.

Continue Reading »

In less than 200 words, I compiled very interesting information on the subjects of website defacing and hacktivism. Enough information is provided to you in order to answer my question which follows at the end. I would like to know your personal views.

Website defacement [2] is the substitution of an original home page by a system cracker/hacker. It is illegal in most countries as is considered an unauthorized computer access, data modification and denial of service. Crackers/hackers are usually defacing websites to spread messages and beliefs. Some of them are politically, socially and religiously motivated – given the term hacktivists – and some other just deface for the thrill.

A website defacement can create serious problems for companies as it they affects negatively their public image on the internet and in general. Victim companies may stop their transactions in order to repair the affected computer systems and thus lose money. It can also make their existing customers or potential future customers to lose faith in the company as it is evidence that their web server was broken into due to lack of security.

Continue Reading »