The security certifications organization has published a statement regarding the incident
The EC-Council denies that its website has been hacked. The organization says that the hacker simply redirected the site’s visitors via a DNS hijack to a defacement page hosted with a company located in Finland.The hacker that targeted the website, an individual calling himself Eugene Belford (the name of a character from the movie Hackers), claimed to have breached the EC-Council’s systems. He said he had gained access to thousands of passports of law enforcement and military officials.
To prove his claims, he posted a copy of Edward Snowden’s passport on the defacement page. He also led everyone to believe that he had hacked the EC-Council because the site’s administrators reused their passwords.
EC-Council is a controversial organization that provides training and certifications for security professionals. It claims to have trained more than 80,000 people and certified over 30,000, including ones from “fine organizations” like the FBI, Microsoft, IBM the US Army and the United Nations.
The organization’s website was hacked in the past. However, on this occasion, EC-Council says its servers have not been compromised.
“On February 22nd, 2014 at approximately 8PM EST, the domain www.eccouncil.org was redirected to an ISP in Finland. Immediately EC Council's Internal Security Response team initiated a comprehensive investigation,” reads the statement published on Facebook.
“EC-Council’s Security Team has confirmed no access to any EC-Council Servers was obtained, the domain redirection was done at the DNS Registrar and traffic was re-routed from Authentic EC-Council Servers to a Host in Finland known for hosting other illegal websites.”
Reports have been filed with the FBI and international law enforcement in an effort to track down the attacker. The third-party vendor involved in the incident has also been contacted.
“While EC-Council Servers remained untouched and running, the third-party DNS registrar remained affected through the day on Sunday February 23rd and into the morning Monday February 24th. EC-Council in Cooperation with domestic and foreign Law Enforcement as well as Judicial Systems will continue to investigate the incident,” EC-Council stated.
A question that many users have been asking is that if the EC-Council’s systems haven’t actually been breached, where did the copy of Snowden’s passport come from? We haven’t seen it anywhere else online. However, it is possible that the image is fake.
According to Attrition.org, EC-Council has faced numerous accusations over the past period, including plagiarism and spamming. Furthermore, security experts have often reported finding vulnerabilities on the organization’s official website.