CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
January 28th, 2010

US Congressional Websites Hit By Mass Defacement Attack

Over thirty websites of various Representatives and House Committees fell victim to mass defacement yesterday. The incident occurred shortly after President Obama gave his State of the Union address.

The attack seems to be politically motivated as it contained an offensive anti-Obama message. All affected websites are from within the house.gov domain and most of them served House Representatives. However, a few, such as gop.cha.house.gov, republicans.financialservices.house.gov, republicans.oversight.house.gov or resourcescommittee.house.gov, correspond to House committees.

According to Web defacement archive Zone-H, the Red Eye Crew is a prominent hacking group responsible for more than 45,000 defacements in 2009 alone. Around 2,000 of the affected websites are listed as special, meaning they belong to governments, military organizations or important corporations.

Determining a specific point of entry for these attacks without any insider knowledge is hard. However, security researchers from Praetorian Security Group determined that all compromised websites use the Joomla content management system. “But not all of the Joomla CMS web sites [on the same server] are affected. This might indicate that it is a Joomla component that is to blame, however that is just speculation,” they write.

It is worth noting that a significant number of websites within the house.gov domain were defaced last August by a different group. At the time, there was information to suggest that the compromise was the result of default passwords that were left unchanged.

“Unfortunately we won’t know that until someone who manages house.gov provides some details. Server access seems unlikely, because while the sites we checked are hosted on dcserver1.house.gov, not every site hosted on that server is defaced (example congressman Joe Sestak’s web site was fine). The sites are not redirecting anywhere,” the Praetorian Security Group experts conclude.

Credit: Softpedia.com News

Share this item with others:

More on CyberInsecure:
  • Defacement Archive Zone-h Gets Defaced
  • Twitter DNS Hackers Hit Chinese Search Engine Baidu.com
  • Tayside Police Website Tayside.police.uk Compromised And Defaced
  • Apple.com Hit In Latest Mass Hack Attack
  • Web Hosting Service Daily Hacked, Clients Websites Defaced With Cartoon Penguins Image

    • Posted in Breaches And Incidents, Hacked, Mass Web Attacks, Targeted Attacks, Vulnerabilities | Print This Post Print This Post

    This entry was posted on Thursday, January 28th, 2010 at 10:22 am and is filed under Breaches And Incidents, Hacked, Mass Web Attacks, Targeted Attacks, Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: US Congressional Websites Hit By Mass Defacement Attack

    One Response to “US Congressional Websites Hit By Mass Defacement Attack”

    1. Eraser Says:
      February 8th, 2010 at 11:12 pm

      http://www.thetechherald.com/article.php/201004/5160/Congressional-sites-defaced-after-State-of-the-Union-address
      According to tech Herald the Joomla! hasn’t been updated for long time. Site was running on version 1.5.5 although the latest version is 1.5.15. So seems that the site admin is to blame, not the developer.

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »