New Zealand websites have again been hit by Turkish hackers. This time someone called “crackers_child” attacked around twenty sites hosted by Digital Network Ltd, taking advantage of programs, files and folders installed with insecure permissions, according to manager Warren Sanders.
Computerworld was contacted by a Digital Network customer who complained that the web hoster was slow to respond after critical priority helpdesk requests went unanswered for about half an hour. The customer says he expects better service for what he says are high hosting fees.
The hacker overwrote existing content on the sites and left an obscene message on them, taunting the owners about security. A URL leading to a Turkish language security forum was also posted by the hacker, but at this stage, it’s not known if the defacement was intended as a form of advertising or just a taunt. The site owner was contacted by Computerworld via email, but didn’t respond.
Sanders says the sites were restored from backups and the clients affected would be contacted. He says issues like these are “outside of our control” as there is a fine line as to how far the web hoster can control users and offer standard web hosting at the same time.
There was no further breach of security beyond the defacement, Sanders says, and only twenty out of a thousand customers on a single server were compromised. He says the hack “was a minor incident” and Digital Network has taken advice from security specialists in the US on updating servers and improving security. A tool, PHPsuexec, which prevents users from keeping files and folders with insecure permissions, will also be installed on Digital Network’s servers, Sanders says.
This is the second recorded mass-defacement of New Zealand sites by Turkish hackers. In August, another Turkish hacker hit Wellington web hoster iServe, causing widespread damage. That time, ACT member of Parliament Rodney Hide had his website defaced and iServe told Computerworld that restoring the attacked systems took around a day over a weekend, costing the company over $20,000 in employee time.
According to security website Zone-H, crackers_child was responsible for more than 20,000 attacks in April alone.