Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Hackers Replaced Spain’s PM with Mr. Bean on Official Website

Hackers, who attacked Spain's official website, briefly replaced the country's prime minister with a fictional comedy man, Mr. Bean.

Officials on behalf of Prime Minister 'Jose Luis Rodriguez Zapatero' said that the defacement had occurred on www.eu2010.es, but they ruled out any data compromise on the website, as reported by The Register on January 5, 2010.

In addition, the government in a statement stressed that the attack was not directly on the site rather it was a home page screenshot taken by an unknown hacker to create a tableau of photographs.

The attack involved the exploitation of XSS (cross-site scripting) vulnerability by inserting malicious code or unauthorized content into the flawed site.

The security researchers have explained that the hack was not very damaging but XSS flaws could be abused for inserting malware into users' Web-browsers. By inserting malicious code, hackers could compromise a visitor's authentication details or divert him to a malware ridden website.

When visitors accessed the prime minister's website, they briefly found a picture of Rowan Atkinson, an actor who played Mr. Bean. Actually, it has been a joke for long to compare the Spanish leader's appearance with the clown.

According to the security researchers, today's website owners commonly face threats from cross-site scripting attacks. In these attacks, attackers exploit client-side technology weaknesses like JavaScript and HTML. The purpose is to change and modify the scripts present inside a Web program and to execute them maliciously so that the attacker may be benefited.

In the month of August 2009, hackers found XSS flaws on the website of Britain's Ministry of Defence (MoD). The miscreants, by exploiting those flaws, managed to display a hacked website's content within a pop-up box, which seemed as though it was from the Ministry.

Ultimately, security researchers stated that the cross-site scripting vulnerability was extremely serious with respect to e-commerce or banking websites. The reason cited was that it helped to cause more credible phishing assaults. Moreover, the vulnerability could be embarrassing if it appeared on reputable or government websites like those of Spain's official site or the MoD, the researchers added.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 1/15/2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page