Advisory 6

TLP Rating: Clear

Website Defacement

CERT Vanuatu and the Office of the Chief Information Officer (OGCIO) provides the following advisory.
This is to advise all Web host users, managers and business houses in Vanuatu that there have been cases of website defacement identified by CERT Vanuatu. The website defacer calls themselves as “Phenix-TN & Mr. Anderson” as shown below in Figure 1:

 

 

Figure 1: Website Defacement - Hacked by Phenix-TN & Mr. Anderson
 

What Happened?

Website defacement is an attack on a website that changes the visual appearance of the site or a webpage. It is similar to drawing graffiti on a wall, only it happens virtually as a kind of electronic graffiti and is a form of vandalism. Websites’ appearance change – pictures and/or words are scrawled across the defaced website.

These are typically the work of defacers (Security hackers), who break into a web server and replace the hosted website with one of their own. Attackers may have different motivations when they deface a website. Political motivation is one, which is often used to spread messages by “cyber protesters” or hacktivists.

Other attackers may choose to deface a website for fun – to mock site owners by finding website vulnerabilities and exploiting these to deface a website. The most common method of defacement is using SQL Injections to log on to administrator accounts. Although website defacement is harmless, it can sometimes be used as a distraction to cover up more sinister actions such as uploading malware or deleting essential files from the server.

In both cases, website owners face damages to their business and reputation once their sites are defaced.