14 DAY TRIAL // A subdomain of the official Washington DC travel website Washington.org has been hacked. The attack took place in late July 2013, but the site is still defaced.
According to HackRead, the lincolnball.washington.org website was hacked by an Iranian hacker called HellBoy.
“HellBoy Was Here. Your Security Need A little Bypass,” the hacker wrote on the defaced page.
The subdomain appears to be set up in 2009, when the Lincoln 2.0 Inaugural Ball took place.
Since it’s likely that the subdomain hasn’t been accessed since, the website’s administrators are probably not aware that it’s defaced. The fact that a security breach has gone undetected for such a long time could be highly problematic.
Considering that Washington.org is DC’s official travel website, it’s likely visited by a lot of users. This could provide cybercriminals the perfect opportunity to distribute malware.
I’ve reached out to Washinton.org representatives to see if they can comment on this incident. The post will be updated if they respond.