Pro-Serbian hacktivists attacking Albanian web sites

Pro-Serbian hacktivists attacking Albanian web sites

Summary: The rise of pro-Kosovo web site defacement groups was marked in April, 2008, with a massive web site defacement spreading pro-Kosovo propaganda.


The rise of pro-Kosovo web site defacement groups was marked in April, 2008, with a massive web site defacement spreading pro-Kosovo propaganda. The ongoing monitoring of pro-Kosovo hacking groups indicates an ongoing cyberwar between pro-Serbian supporting hacktivists successfully defacing Albanian sites, and building up capabilities by releasing a list of vulnerable Albanian sites (remote SQL injections for remote file inclusion, defacements or installing web shells/backdoors) to assist supports into importing the list within their do-it-yourself web site defacement tools.

Pro-Serbian hacktivists attacking albanian web sites

According to Serbian hacking groups, independent Albanian web site defacers initially started attacking their sites later on joined by Kosovo Hacking group. In response, Serbian hacking groups have started distributing a segmented list of remotely exploitable Albanian sites and encouraging others to join the initiative and attempt to deface the sites. For the time being, Partia Demokracia Sociale (Social Democracy Party of Albania), AlbInvest (The First Investment Forum Albania-United Kingdom), and Tirana Bank are among the high-profile sites that have been defaced next to many others.

Pro-Serbian hacktivists attacking albanian web sites

This incident greatly represents the capability building process and the degree of information sharing between Serbian groups empowering everyone with an already verified hit list of vulnerable Albanian sites.

Pro-Serbian hacktivists attacking albanian web sites

Both groups are currently in a ceasefire phrase, trying to figure out who provoked who, by requesting group members to participate in the ongoing discussing. However, the possibility to engineer hacktivism tensions remains just as realistic, as engineering cyber warfare tensions is, by making it look like that the source of the attack is coming from a party what would be attacked based on the lack of evidence verification - in this minor cyber conflict the groups are in fact talking with each other. Moreover, in the long-term, web site defacement groups realizing the market value of their know-how, will inevitably start contributing with spammers, phishers and malware authors in a much broader sense than the current degree of collaboration - selling acccess to compromised web servers only.

Topics: Malware, Security, Servers

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Better then lobbing shells and bullets at each other (nt)

    • At this stage of the battle it is

      But the fact is that once a cyber-war gets going and these hackers start going after critical systems like hospitals or street light systems. How many people could these guys kill by say disrupting the monitoring system in a number of hospitals. How many people would be killed if these guys hacked the civilian aviation ILS system? Or hacked the water system and turned off the water to everybody in a major city during a heat wave. The cyber war attacks could end up being every bit as lethal as dropping bombs with the negative effect of not being targeted at the military.
  • RE: Pro-Serbian hacktivists attacking Albanian web sites

    Obviously the Serbs should get their Bulgarian and Russian allies involved in the hack attacks and defenses. WHo knows, President Medvedev might even pay for their copies of Kaspersky AV;)
  • RE: Pro-Serbian hacktivists attacking Albanian web sites

    Cyber war is just beginning. These back and forth defacement of sites is like the first use of air plains in conventional war, they were not used for attacking or defending but for spotting and spying.
    What people are doing cyber attacking now is defacing sites and stealing credit cards and information. While this is not a good thing it's just the tip of the iceberg of what will be coming.
    In some ways we can speculate about what can be done, there are people who will say these things won't happen but like using air plains in the early first world war no-one thought they would ever become screaming jet attack systems running at mach 3 and dropping precision bombs able to hit a building, and not just a building but the 3rd window from the left on the 4th floor.
    In the same way can we really know where cyber war will take us in the years to come?
    But it's starting and it's probably going to be a fast bumpy ride. Hold on and decide now what side you are going to be on.
  • Item 2

    cool pIc, need passport next. go back to pcP and ask alexis fOr a name. make sure you know the passworD first. - apo