BREAKING: New Zealand web sites security breached overnight

werwe

Hackers can be roughly divided into two groups:  hobbyists and those that are in it for the money.

It appears the latest round of hacked New Zealand web sites are simply defaced with the hacker’s “signature page”.

Later in this post there is a complete list of New Zealand domain names affected in this way over the years, but here is a partial list of sites that have been hacked over the last 48 hours:  

list

These days, most web sites have a enough traffic for these security breaches to be picked up by web site visitors who will quickly inform the web site owner that there is a problem.

But that doesn’t solve the threat.  Simply putting a fresh copy of the web site up probably means the hackers will use the same method of attack again.

Here is an example of a web site that has been defaced, but the owner is aware of it and has pulled the web site down.  They may not have a copy of their web site to replace it with, or they are waiting for their web hosting company to confirm that the security vulnerability has been fixed before putting the site back up.

ghyc down

The above screencap shows what comes up now, but Google Cache shows us what should have been there

ghyc cache

And just to check, yes, the domain name is all paid for and current

ghyc domain status

Other web site owners haven’t been informed about the problem, or are leaving the defaced web site in place until they receive word that it’s now safe to restore it to its former glory.

Here is an example of a web site that is still showing as defaced at the time I researched this post

qbtraining

Who are these people hacking these web sites, and what do they want?

Simply put, they are skilled hackers that are in a race against each other for bragging rights.  Here is their leader board at the moment

rankings

The latest round of hacking that has affected New Zealand web sites have been claimed by someone with the alias “ByPsiko“.   A lot of the hackers involved seem to speak Turkish, and may indeed also reside there.

The game is to prove you took over the web site by leaving your signature behind.  Every time you do, you score a point, and the points accumulate to compete against the others.

ByPsiko seems to be in mourning as his current mode de defacement seems to lament the death of a Turskish celebrity:

defacement

The first line says (according the Google Translate) “We will not forget you, Papa Müslüm”

If you Wiki Müslüm, you discover he recently passed

dead

The dedication the hacker has to Müslüm Gürses is beyond me, I guess it’s a Turkish thing:

Back to the hacking story, it appears that the sites aren’t otherwise infected, or meant to infect subsequent visitors (DISCLAIMER: visit them at your own risk).  So the total extent of this level of hacking appears to be the digital equivalent of teenagers spraying graffiti on your walls.

hacked

Messages differ depending on who hacks the web site.  Some of them are simply personal signatures, other post political messages.  But make no mistake, it has been going on, and is going on right now

happenng now

Not all New Zealand web sites use .co.nz domain names, and .com and many other domain names are affected, so it may pay to check if your site is currently one of the affected ones.  Keep in mind that whatever security problem exists needs to be fixed before you put a fresh copy of your web site back up.

The list below only covers .co.nz sites, and also includes historical entries.

For example, the NBR appears to have been one of the victims of this game way back in 2007

nbr

waybackwhen

They hacking group helpfully provides a searchable database of all their victims, so you can use that to see if you are on this list.  Again, I can’t see any current way visiting that web site is unsafe, but you visit it at your own risk:

http://turk-h.org/root

For those that run a .co.nz web site, here is the list of all names that were affected by the time this post was researched (earlier this morning).  It contains many historical entries, but the first few pages should be considered current for those who don’t want to go to the web site itself.

co.nz breached websites data by Whale Oil Beef Hooked (CAUTION: LINKS IN THE DOCUMENT ARE LIVE)


Do you want:

  • Ad-free access?
  • Access to our very popular daily crossword?
  • Access to daily sudoku?
  • Access to Incite Politics magazine articles?
  • Access to podcasts?
  • Access to political polls?

Our subscribers’ financial support is the reason why we have been able to offer our latest service; Audio blogs. 

Click Here  to support us and watch the number of services grow.

As much at home writing editorials as being the subject of them, Cam has won awards, including the Canon Media Award for his work on the Len Brown/Bevan Chuang story. When he’s not creating the news, he tends to be in it, with protagonists using the courts, media and social media to deliver financial as well as death threats.

They say that news is something that someone, somewhere, wants kept quiet. Cam Slater doesn’t do quiet and, as a result, he is a polarising, controversial but highly effective journalist who takes no prisoners.

He is fearless in his pursuit of a story.

Love him or loathe him, you can’t ignore him.

To read Cam’s previous articles click on his name in blue.

52%