Graffiti gang hits gov't Web sites

The tagged sites included the Alaskan office of the U.S. Department of the Interior, the e-Commerce Initiative site for the government of Western Australia, and an informational Web site on mad cow disease set up by the U.K. government.

"This wasn't the largest mass defacement ever, but they simultaneously defaced sites in three different countries," said B.K. Delong, a staff member with Attrition.org. "That's new."

The cybervandals, who call themselves Pentaguard, replaced the Web sites with a page containing a rambling screed criticizing government computer security, saying "hello" to others in the Net underground--a hacker habit known as "greetz"--and lambasting their competitors.

"So, we suggest...make these (government sites) usefull...they have bandwith, they have enough storing space...put warez on them, make a few free porn sites, fill them with mp3's," wrote the group.

Pentaguard is responsible for 48 other defacements, including the largest mass defacement recorded by Attrition.org, Delong said. The group seemingly has a penchant for servers running Microsoft's Window NT, as only computers running that operating system have been attacked.

Two well-known flaws on Windows NT servers have been the focus of defacers in recent days. One vulnerability is in the default installation of Microsoft's popular Internet Information Server, and the other is in that Web server's implementation of Unicode, a file format used to make text files readable internationally.

It is unknown whether the vandals exploited either of these flaws.