20 May 2006 | 14,857 views

The Biggest Web Defacement Ever

Check For Vulnerabilities with Acunetix

A Turkish hacker using the handle iSKORPiTX was able to breach the security of a group of web servers, containing more than 38.500 web sites in less than a day!

Iskorpitx is believed to be 45 years old, sometimes being helped for minor defacement activities by another Turkish “senior cracker” (42) going by the handle of Metlak .

Apparently he doesn’t like a couple of countries:

“HACKED BY iSKORPiTX

(TURKISH HACKER)

FUCKED ARMANIAN-FUCKED FRANCE-FUCKED GREECE-FUCKED PKK TERROR

iscorpitx, marque du monde, presente ses salutations tout le monde. “

Defacement mirror – example

I gotta say:

Script kiddie hack or not, a defacement will always be a ‘cool’ hack to do.

Zone-H is keeping everyone posted of his actions and has compiled a full list of the 21.549 sites he was able to deface.

You can also keep updated with iSKORPiTX latest actions here.

Of all the sites iSKORPiTX was able to hack, 95% of them were using Windows (big part of those same sites, Windows 2003) and running IIS 6. New exploit?

No doubt, the biggest hack ever.

Source: Zone-H



Recent in Exploits/Vulnerabilities:
- drozer – The Leading Security Testing Framework For Android
- Twitter Vulnerability Allows Deletion Of Payment Details
- Twitter Bug Bounty Official – Started Paying For Bugs

Related Posts:
- MultiInjector v0.3 Released – Automatic SQL Injection and Defacement Tool
- MultiInjector – Automated Stealth SQL Injection Tool
- Microsoft UK Defaced by Saudi Hackers

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 227,556 views
- AJAX: Is your application secure enough? - 119,113 views
- eEye Launches 0-Day Exploit Tracker - 85,060 views

Advertise on Darknet

2 Responses to “The Biggest Web Defacement Ever”

  1. backbone 1 August 2007 at 3:44 am Permalink

    then imagine how would it be if someone would hack lycos, or geocities ;)

  2. Sandeep Nain 1 August 2007 at 6:23 am Permalink

    Well I am sure Geocities and Lycoz both are not using IIS… In my couple years of pen test experience I have seen that most of the the windows based web are not properly patched (microsoft releases a new patch everyday…).