Hacked .GOV .MIL and .EDU Sites for Sale

Saturday, January 22, 2011



UPDATES 1/24/11: Military Websites Offline After Listed For Sale By Hacker

Several of the .MIL sites were offline which a hacker had offered for sale the administrative control over.

 *   *   *  

Researchers at Imperva have reported that an unknown hacker is selling access to and  control over compromised .GOV .MIL and .EDU sites.

The hacker is offering root access control to sites that are largely reserved for promoting projects associated with sensitive U.S. military and government programs:

Gov sites

Imperva states: "The 'traffic' probably stands for the number of records within the DB tables.  The 'goods' in this case are probably the needed information for the 'Level of Control.'  For 'full site admin' – probably the credentials and the URL of site administrator interface."

Researchers also revealed that the hacker is selling personally identifiable information gleaned from some of the websites, including some large universities.

Access to most of the sites was gained by way of software used to scan websites for weaknesses:

"The victims' vulnerabilities were probably obtained by SQL injection vulnerability automatic scanner and exploited in automatic manner, as the hacker published his methods in a post in some hacker forum..."

Imperva's report shows that the public sector still has a long ways to go when it comes to protecting web portals containing sensitive information from even the most basic of of security exploitations.

Source: http://blog.imperva.com/2011/01/major-websites-govmiledu-are-hacked-and-up-for-sale.html

Possibly Related Articles:
Viruses & Malware
SQl Injection Government Web Application Security Headlines Domain Imperva Hacker Higher Education breach
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.