Original URL: https://www.theregister.com/2010/11/25/secunia_defacement/
DNS hijack used to deface Secunia
Not the first time online vandal has struck
Posted in Security, 25th November 2010 10:11 GMT
Visitors to the website of security notification firm Secunia were confronted by a defacement on Thursday morning.
The site was sprayed by digital graffiti by a hacker using the handle TurkGuvenligi in what early indications suggest was the result of a DNS hijack rather than an exploit on Secunia's website itself.
A diary entry by the SANS Institute's Internet Storm Centre reports that Secunia's DNS records have been modified to point towards the defacement.
A quick check on defacement archive Zone-h reports that TurkGuvenligi has carried out multiple defacements in the past, a fair percentage of which used site-redirection techniques.
Mass defacements against sites vulnerable to a particular exploit is also among his stock in trade. Many of the sites he hit are either in Western Europe, Israel or Hungary, but there's no clear pattern to the defacement targets. ®