Win-NT/IIS admins made April Fools by hackers

DoD, WSJ, BT, HSBC and more defaced

Several crews got busy on April Fools Day to make a mockery of Microsoft security by targeting Web sites running MS' IIS server over Windows NT/2K for defacement.

Among the higher-profile victims were the Walt Disney Company; the Wall Street Journal's WebWatch; British Telecomms; HSBC; the US Navy's Center for Tactical Systems Interoperability (NCTSI); the US Army Training and Doctrine Command (TRADOC); Ringling Bros and Barnum & Bailey Circus; and the American Society for the Prevention of Cruelty to Animals (ASPCA).

None of the sites appeared to have been attacked for any reason other than the fact that they were vulnerable. At least one, Ringling Bros, looked to have been taken over by a second crew after its initial defacement. At press time, only the Navy had managed to restore their site.

It all had the feel of a proof-of-concept effort, the overarching concept being that Microsoft products suck.

In all, thirty-nine defaced sites were reported to attrition.org on April Fools Day, of which only eight were running on non-MS operating systems. ®

Related Link

The attrition.org mirror page

Sponsored: 10 ways wire data helps conquer IT complexity