14 DAY TRIAL // A hacker has managed to break into the Nokia developer site and deface it with a message taunting the company and mocking its security practices.
Users who tried to access the developer.nokia.com website over the weekend saw an image of Homer Simpson and a message from the hacker that read:
"LOL, Worlds number 1 mobile company but not spending a dime for a server security! FFS patch your security holes otherwise you will be just another antisec victim. No Dumping, No Leaking!!"
This suggests that the hacker is not associated with Anonymous and its Antisec campaign that resulted in many websites being defaced recently. Antisec hackers usually follow up defacements with data leaks.
According to Helsingin Sanomat [Google translation], Nokia has confirmed the compromise and has fixed the website. The company also noted that the developer site was hosted externally and it is working on reviewing its security practices.
Servers that are more sensitive, like those used for the Ovi Store which store credit card information, are hosted by the company itself and have tighter security controls.
The hacker, who uses the online handle pr0tect0r has been responsible for other defacements in the past. His last one before Nokia was Defence.pk, the website of an independent organization committed to the research and analysis of Pakistan's security.
Website defacements are relatively common and are usually driven by political motives or by hackers' need to get recognition for their skills. Websites like Zone-H specialize in tracking defacements and publishing stats.
The surge of hacking attacks, particularly those against high-profile websites, have led to security experts naming 2011 the year of hacking. A recently launched website aims to rank hacks by awarding scores depending on the target. The site also places bounties on popular websites.