In what appears to be a mass defacement, where several hundred domains take advantage of a shared hosting provider, starting as of this Friday, an Islamic hacker known as nEt^DeViL -- this is not the NetDevilz team that hijacked the DNS records of the ICANN and Photobucket in June -- managed to successfully hack a couple of hundred Dutch web sites as a hacktivist response to the release of the Fitna film, a controversial film released by Geert Wilders, a member of the Dutch parliament in March, 2008.
How did they do it? Since all of the sites are parked on a single IP (81.4.97.190) owned by the Geenpunt.nl hosting company, compromising it means having the ability to compromise the content on all the domains hosted there, which is exactly what happened in this case.
The message they left is still active at most of the sites :
"Anti-Fitna ( Response to the Fitna Movie by 'Geert Wilders' Cow ! ) This hax0ring is to defend ISLAM - The Religion of [ Abraham, Moses, Jesus & Muhammad ( Peace Be Upon Them All ) ] that Insulted by a Cow ! from Netherlands ! Show Some Respect ! so , I can Leave you in Peace ! [ You've Started it ! ] , I don't have problems with your site but, that what Geert Wilders Cow! chose for you ;) If you think that " Insulting GOD Religion is a Freedom of Speech as your country did , then allow me to show you my Freedom knowledge of Hacking ;) "
[ by the way, nothing was deleted relax ^_^ only your index renamed ] [ NO WAR ] ... [ NO HATING ] ... [ NO Lammers ! ] ... [ NO Subdirs ;) ] Can Break Your Lame Security ! [ Love Coding than Hacking ;) ' Perl , Python , PHP, JavaScript , HTML, VB , Borland Delphi, a Little of C/C++ & Assembly ' ]
aB0 m0h4mMed .. for the Old Times Greets & Peace to my Brothers. Abu_Zahra[My Best friend ] ? Saudia_Hacker ? Abu Lafy ? DeadLine , DosMan & b0hAjEr [ Q8Crackers Crew ] ? Yanis ? Broken-Proxy ? Eddy_BAck0o ? Mianwalian & ZeRo from [#WHACKERZ ] ? SaveChanges[ PHA ] ? FBH Crew ? Apocalypse ? PaKBrain ? DaVenjah! ? BrEakerS ? Red Devils Crew[ Saudi|x ] ? by_emR3 , Kerem125 , Gsy & Alemin Krali [ Gr347 7urk15h |3ro7h3r5 ] ? sys-worm(turkish) ? F10 ? ZombiE_KsA ? xOOmxOOm net_devil@hackermail.com"
Naturally, this isn't the first time Islamic hacking groups attacked web sites belonging to a particular country that somehow offended their beliefs. For instance, in 2006, the same mass defacements took place on over 600 Danish web sites in response to the Mohammed's cartoons released in local newspapers. This hacktivist approach of spreading propaganda isn't necessarily a full-scale cyber war, it's an example of information warfare aiming to reach as many Dutch Internet users as possible due to the apparently insecure web hosting provider that they are all using.
Pure hacktivism isn't dead, as compared to previous web site defacement analysis where the people behind them were multitasking by also hosting malware, phishing and blackhat SEO junk pages on the compromised servers, in this case they only defaced the main pages. However, what pure hacktivism turned into today, consciously of subconsciously, is the propaganda division of an information warfare unit, where given the hundreds of thousands of easily detectable insecure sites within a particular country's Web, this political propaganda can easily turn into a large scale malware attack.
As in real life through, the real cyber conflicts usually start due to such provocations where a single group or a script kiddie's actions can cause a lot of damage if that's what they want to achieve at the first place.
Data
belongs
to
dating
site
MeetMindful
and
includes
everything
from
real
names
to
Facebook
account
tokens,
and
from
email
addresses
and
geo-location
information.
...
Prosecutors
said
the
technician
accessed
more
than
200
customer
CCTV
systems
on
more
than
9,600
occasions
to
spy
on
them
getting
naked
and
engaging
in
sexual
activity.
...
Companies
are
receiving
emails
from
cyber-criminals
threatening
large
DDoS
attacks
unless
a
ransom
is
paid.
Some
groups
are
delivering
on
their
threats.
...
Ransomware
gang
publishes
stolen
data
after
Scottish
Environment
Protection
Agency
(SEPA)
refuses
to
pay
ransom
-
as
agency
confirms
operations
remain
disrupted.
...
Join Discussion