At the time of writing these websites are still defaced, with a black page written “TurkguvenLigi” and “4 Sept. We TurkGuvenligi declare this day as World Hackers Day - Have fun ;) h4ck y0u”.
What do ups.com, vodafone.com, theregister.co.uk, acer.com,
betfair.com, nationalgeographic.com and telegraph.co.uk have
in common? They all use NetNames as their registrar. It appears that
the turkish attackers managed to hack into the DNS panel of NetNames using an SQL injection and modify the configuration of arbitrary sites, to use their own DNS (ns1.yumurtakabugu.com and ns2.yumurtakabugu.com) and redirect those websites to a defaced page.
In the past, TurkguvenLigi.info defaced secunia.com, HSBC Korea and the registry Directi with this method.
You can browse the list of their attacks here:
Source: zone-h.org
Comments
Post a Comment