A Turkish Hacker Defaces NZ Websites
A hacker who attacked New Zealand Internet service providers embedded Turkish script on customers' homepages. On each of the websites he defaced the site's homepage by replacing the content with a Turkish message, an animation of a medieval knight, and Turkish pop music.
The security gap, which enabled the hacker to breach, was set right on February 13, 2007.
The hacker who calls himself "Iskorpitx" was involved in many incidents of attack. In 2003, he made almost 180,000 attacks. In 2006, he defaced 38,000 websites by implanting the Turkish flag.
ISP Ihug has reported that 90 of its customers became victims to the hacker. There is no denying that the Turkey-based hacker must have affected several other ISPs.
According to Ihug spokesperson Annabel Gould, the hackers have broken into a U.S. server too. Gould said Ihug had bought a company in 2006, which has a few legacy customers that the server is still hosting, so the hack has made an impact on some of those customers. NZHerald published Gould's statement on February 15, 2007.
As per Ihug's advice to customers they need to re-upload their webpage as a tentative solution while the company shifts the websites under the impact, to its own server.
According to The Dominion Post's informal survey, Ihug hosted 94% of approximately 575 hijacked websites.
The incident has even harmed customers of Quik.co.nz whose websites the U.S. servers of Quik.com hosted, said Gould.
Quik.co.nz did not have any back-up copies of the websites. Ihug asserts people should keep back-up of the websites they buy even if they do not have that facility.
The problem has not affected customers of Ihug that the company's own servers host. Gould said Ihug was planning to compensate affected customers by moving them to its secure servers.
According to The Internet Society of New Zealand, organizations must thoroughly read the contract they set with their host and discern the provisions for back-up.
Since no one is completely safe from hacking attacks, the message that surfaces is that users should have a back-up arrangement or ensure that the website host maintains one of its own.
Related article: A New "Blackmailing" Variant Creeps Around…
» SPAMfighter News - 26-02-2007