An Australian government website has been revealed as
another victim of Sunday night's web defacement spree by hacker
group The Ghost Boys, which washijacked to show
anti-US messages.
The site, administered by the Department of Communications,
Information Technology and the Arts (DCITA), was modified to read
"DEFACED BY The Ghost Boys UssA sux! Boycott its products! NATO
sux! greetz to DkD(|| admin: security is futile and you will be
owned!."
Under normal circumstances, the Culture and Recreation website
acts as a portal linking information and services for a range of
arts and cultural organizations and boasts search facilities for
more than 2,500 Australian sites.
Canberran ISP WebOne hosts the victim site, and is investigating
how it came to be hijacked. A government spokesman confirmed the
attack took place, but refused to speculate further.
The reference, "greetz to DkD(||" on the defacement is a clear
reference to a recently arrested French based pro-Palestinian
hacker. French wire service AFP reported that a 17-year-old French
teenager (who cannot legally be named) using the handle "DkD" was
arrested at his parents' home in Paris on 23 June after a French
police website was defaced.
The AFP report also quoted a French police chief as saying that
"technical investigations and confessions from the young man have
established that around 2000 websites were attacked; around 20 in
France, between 20 and 30 in Britain, and the rest in Australia and
the US, including the US Navy site."
The report also said that the teenager was released from custody
because hacking "didn't have major consequences"; however, the
young miscreant is banned from connecting to the internet.
What appears to be DkD(||'s website is still running and
contains links to a variety of pro-Palestinian organisations
claimed to be sponsors, not least Fateh, Hamas and the Al Aqsa
Martyr's Brigade - although one link to jihadonline.org appears to
have been usurped by pro-US hackers and now diverts to a pro-US
site.
Other material posted by DkD(|| said that while his attacks are
politically motivated, he is against terrorism and intends his
attacks to maximise attention to the Palestinian cause with the
minimum of damage.
Unconfirmed reports suggest DkD(|| was apprehended by French
authorities following complaints from the US Department of Justice.
What links between DkD(|| and The Ghost Boys exist, other than a
shared political view, remain unclear but both are understood to be
under the spotlight of US and Australian authorities.
Other recent Ghost Boys victims in Australia include LG, D-Link,
and the Greater Murray Area Health Service, while defacement
attacks by DkD(|| in Australia appear to have centred on smaller
Western Australian government and community organisation sites.
Both groups appear to favour using a widely documented flaw in
Windows Server 2000, although what method they used this time is
still being assessed.
Julian Bajkowski writes for Computerworld
Today