700,000 InMotion Websites Hacked by TiGER-M@TE

All the index files were replaced with one that claims the attack

InMotion's data center got hit by the hacker that calls himself TiGER-M@TE, leaving a few hundred thousand website owners with nonfunctional pages. He is also the one responsible for the attack carried out on Google Bangladesh.

“At around 4am EST, our system administration team identified a website defacement attack affecting a large number of customers. We are still investigating, but it appears that files named index.php have been defaced,” InMotion representatives said.

The Hacker News obtained an interview with TiGER-M@TE.

He claims to be working alone, his modus operandi narrowing to private exploits and zero-day attacks.

"I hack 700000 websites in one shot, this may be a new world Record. After submitting 200,000 domains,zone-h was going down again and again and became almost unresponsive in the end.so i was unable to submit all websites.so i've listed all domains in attachment. It was not just a server hack, actually whole data center got hacked," the cybercriminal revealed.

It seems that he didn't do much harm to the websites, only replacing the index file on each with his own. The hosting company has already started the repair process, guiding members who possess the necessary knowledge to make the repairs themselves.

“If you have a backup of your site, you may upload your index.php files to correct this. You may need to do this for each directory. If your site uses an index.html or index.htm, you will need to upload those files, then delete the index.php,” a press release stated.

After a few hours the company successfully restored 65% of the affected pages, urging users to refresh their browsers if they're still viewing the hacked site.

At the time of this writing, most repairs should be done by their automated system, the remaining issues being addressed in the upcoming days.

Customers who see a directory listing instead of their website are advised by InMotion to upload a backup copy to their domain host.

Hot right now  ·  Latest news