A hacker broke into the U.S. Navy Memorial website and left a message for the administrator ridiculing him for the weak security and offering his assistance.The United States Navy Memorial is located on Pennsylvania Avenue, N.W., in Washington, D.C., and honors everyone who served or currently serve in the U.S. Navy, Marine Corps, Coast Guard, as well as the Merchant Marine.
The Navy Memorial website, located at www.navymemorial.org, is operated by the U.S. Navy Memorial Foundation and provides visitors with information about the memorial, as well as news, annual reports and other services.
The compromise was identified by Christopher Boyd, a senior threat researcher at GFI Software (formerly Sunbelt), who reports that the hacker left his message in a .txt file inside a directory on the server.
However, since this folder was accessible to search engine crawlers, the message got indexed and became available on Google. It read:
"Hello Admin your Site Security '0'. [CENSORED] Fix your Website Or you will get Another [CENSORED] By A Hacker"
The attacker even offered to help and left his Yahoo! and MSN contact information, something that overly confident hackers sometimes do.
"
We’ve notified the admins, and the page in question is currently blank with the site running normally so hopefully they now have things under control," Mr. Boyd
said.
"
There doesn’t seem to be any intention of placing malicious files there, but it might be worth being careful if visiting navymemorial(dot)org for a few days until it has a 100% clean bill of health," he advised.
Website compromises of this kind are rather common, although the hackers usually post the message taking responsibility for the attack on the front page.
The attacks are commonly referred to as "defacements" and are usually performed either in protest (hacktivism) or to earn respect from other members of the hacking community.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
