20 May 2006 | 14,861 views

The Biggest Web Defacement Ever

Prevent Network Security Leaks with Acunetix

A Turkish hacker using the handle iSKORPiTX was able to breach the security of a group of web servers, containing more than 38.500 web sites in less than a day!

Iskorpitx is believed to be 45 years old, sometimes being helped for minor defacement activities by another Turkish “senior cracker” (42) going by the handle of Metlak .

Apparently he doesn’t like a couple of countries:




iscorpitx, marque du monde, presente ses salutations tout le monde. “

Defacement mirror – example

I gotta say:

Script kiddie hack or not, a defacement will always be a ‘cool’ hack to do.

Zone-H is keeping everyone posted of his actions and has compiled a full list of the 21.549 sites he was able to deface.

You can also keep updated with iSKORPiTX latest actions here.

Of all the sites iSKORPiTX was able to hack, 95% of them were using Windows (big part of those same sites, Windows 2003) and running IIS 6. New exploit?

No doubt, the biggest hack ever.

Source: Zone-H

Recent in Exploits/Vulnerabilities:
- Everything You Need To Know About POODLE SSLv3 Vulnerability
- OpenVPN Vulnerable To Shellshock Exploit
- Everything You NEED To Know About Shellshock Bug In BASH

Related Posts:
- MultiInjector v0.3 Released – Automatic SQL Injection and Defacement Tool
- MultiInjector – Automated Stealth SQL Injection Tool
- Microsoft UK Defaced by Saudi Hackers

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 227,801 views
- AJAX: Is your application secure enough? - 119,146 views
- eEye Launches 0-Day Exploit Tracker - 85,071 views

Low-cost VPS Hosting

2 Responses to “The Biggest Web Defacement Ever”

  1. backbone 1 August 2007 at 3:44 am Permalink

    then imagine how would it be if someone would hack lycos, or geocities ;)

  2. Sandeep Nain 1 August 2007 at 6:23 am Permalink

    Well I am sure Geocities and Lycoz both are not using IIS… In my couple years of pen test experience I have seen that most of the the windows based web are not properly patched (microsoft releases a new patch everyday…).