Feeds

Defacement archive Zone-h gets defaced

Web graffiti attack harks back to age of innocence

Beginner's guide to SSL certificates

Defacement archive Zone-h.org has itself been defaced.

The hack - claimed in the names of Cyber-Terrorist, HeLL cYbEr, and Jurm - involved posting a link to a YouTube video and dancing babies on the site's altered home page. The Arab language video, featuring an ad promoting nappies, replaced the site's usual content of information security commentary and a defacement archive.

A message that came with the defacement suggested hackers pwned the site for want of something better to do.

Sorry, but I am bored I wish you a fun time with the song :D lol

Zone-h.org was unavailable on Friday afternoon following the hack, recorded here.

The site runs Apache on a Linux platform, according to Netcraft.

Maintaining a defacement archive is a pretty thankless task. For one thing, it's a lot of work. For another, neither defacers nor sys admins of defaced sites will thank you for your efforts.

It's not the first time Zone-h.org has been hit by hackers. The defacement archive was the victim of a domain hijack attack in January 2007.

Zone-h.org founder Roberto Preatoni was open with its preference for winding down the site when we met him at the Infosec conference in London last April. If it is put to rest, zone-h.org will go the way of Alldas.de and other broadly defacement projects of the past.

That's perhaps a little unfortunate. Last year, in a poll on whether or not Zone-h.org should die, a majority wanted the site to continue. But in an age where SQL injection assaults against legitimate sites are used to run drive-by download attacks without leaving any obvious signs of attack, perhaps the recording of blatant web graffiti attacks is no longer as relevant as it once was. ®

Internet Security Threat Report 2014

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
prev story

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
How to simplify SSL certificate management
Simple steps to take control of SSL certificates across the enterprise, and recommendations centralizing certificate management throughout their lifecycle.