Online software seller Tucows and its local agent Compass Communications have become the latest victims of hackers who substitute a site’s home page with one of their own.
The attack on tucows.co.nz resembled the intrusion into Microsoft's main New Zeland website last month (see Epson NZ joins Microsoft in long line of hack victims), in that the hackers simply substituted a page of text for the home-page, they acknowledge who they are and they give an email address.
But these visitors, calling themselves Silver Lords, claim to offer help to insecure sites. In the message on Tucows, the intruders say “index is backed up and exploit is patched”. At the bottom of the page, they add: “If you want any other information about anything or how to secure this site from future attacks you are always welcome to mail us at email@example.com.”
When Computerworld queried the extent to which a group of hackers could be trusted to give good security advice, a representative of the group, known as Macwiz, mailed back: “YES u can trust me ....i am not a lamer like other” (sic).
In an email received on February 1, Silver Lords hacker "Macwiz" says he has patched the exploit used on the tucows server and allegedly on an IDG server, so no other hackers can use the same tool on those sites.
"BTW [by the way] u [IDG] better install nfs-utils to that linux box for more security," he says.
IDG New Zealand does not operate a Linux server.
The defacement of Tucows' site had been "in about eight hours before I got my first email," Macwiz says.
Replying to the question whether New Zealand has been selected as a promising target, he says "there is no paticular reason to attack *.nz domains ...we just want all the admins to secure their box before they get hacked and lose their data."
Macwiz claims to have “scanned half of *.nz sites".
Silver Lords are based in Brazil, and appear to have concentrated recently on hacking sites in Chile and India, with some in Indonesia.