Hundreds of Network Solutions Sites Hacked

Computer security issues, hacker & phreak news, conferences, Q&A, etc.

Computer chat, coding, reviews, hardware or software...

Share your infos!
User avatar
Stevyn
SysOp
Posts:1773
Joined:Mon Nov 09, 2009 10:03 am
Location:Japan
Contact:
Hundreds of Network Solutions Sites Hacked

Post by Stevyn » Thu Jan 21, 2010 5:34 am

source: http://www.krebsonsecurity.com/2010/01/ ... es-hacked/

Web site domain registrar and hosting provider Network Solutions acknowledged Tuesday that hackers had broken into its servers and defaced hundreds of customer Web sites.

The hackers appear to have replaced each site’s home page with anti-Israeli sentiments and pictures of masked militants and armed with rocket launchers and rifles, along with the message “HaCKed by CWkomando.”

According to results for that search term entered into Microsoft’s Bing search engine, there may in fact be thousands of sites affected by this mass defacement.

One of the defaced pages belonged to Minnesota’s 8th District GOP, according to a story in The Minnesota Independent, which said the Arabic writing that accompanies the defaced pages contains the dedication “For Palestine,” and the repeated phrase “Allahu Akbar” [God is great].

Network Solutions said the hackers were able to get in by exploiting a “file-inclusion” weakness in the company’s Unix servers. So-called remote file inclusion attacks are quite common, and can let attackers insert code that gives them backdoor access to and control over the affected server. Network Solutions said it is in the process of helping customers restore their sites.

“These incidents are regrettable and we apologize for the inconvenience,” the company said in its statement. “Due to the nature of the web, the race between technology and the bad elements is a challenge that companies face continually.”

Network Solutions said there was no danger to customers’ “personally identifiable or secure information” as a result of the incident. Other recent break-ins at NetSol have not been so benign: Last summer, hackers broke into a number of Network Solutions Web servers and planted rogue code that resulted in the compromise of more than 573,000 debit and credit card accounts.

Let this be a helpful reminder to all of us who run a Web site that no matter how much you have done to lock down your Web site, a hiccup, server crash or break-in at your hosting provider can deep-six your site in a heartbeat. If you don’t already know how to do so, take some time before it is too late to learn how to backup and restore your site (look for a future blog post for a primer or two on this very topic).
Contact me directly: Ironfeatherbooks (@) gmail.com

Image

Post Reply