Photobucket, one of cyberspace’s more popular image-sharing Web sites, was attacked by the Turkish hacker group NetDevilz, as reported in forums, discussion boards, and security blog posts. The Register also reported of the attack.
Hackers were said to have used a Domain Name Server (DNS) hack that leads anyone who accesses photobucket.com to be redirected not to the legitimate page, but to a greeting page from the hackers who performed the attack. A screenshot of the said page can no longer be replicated at this time, but one of the forum posters saved the text (in Turkish), as follows:
# NeTDevilz #
… ve NeTDevilz yeniden sahnede
Bizi hatırlayan var mı ? Unutulduğumuzu düşündük ve tekrar
hatırlatmaya karar verdik !
( Turkish hackers group )
ZeberuS – GeCeCi – MiLaNo – The_BeKiR – h4ckinger – SerSaK – KinSize
we are came back !
©2008 NetDevilz Co.
We’re not first,But We’re the BEST!
The text approximately translates to the following (thanks to a posting on FierceCIO.com, an executive IT management briefing for CIOs and CTOs):
“Is there anyone who remembers us? We thought you forgot us and we decided to remind you again.”
Although Photobucket.com is already back to normal, those concerned about this issue are still waiting for an update from its owners. As of this writing, there is no confirmation as to whether the image hosting site’s servers had indeed been hacked, and neither is there word as to the scope of damage. Users are left to content themselves with this response, which Photobucket posted in its own forum:
As to the motive, it seems that the Turkish hacker group is only out this time to roll out some good ol’ cyber vandalism (note that the attack seems to have been conducted against Photobucket’s servers, and not on PCs as others may think). The fact that the hacker group has successfully infiltrated the image-sharing site’s servers is a neon warning sign that they can do more damage to the site–or any site for that matter–than just place a plain old sign declaring their existence.
Perhaps it is a wise move to take this “threat-greeting” seriously. No one knows if these same perpetrators would be the group responsible for cooking up the next hottest security threat that can cripple a bigger chunk of cyberspace.
Almost two weeks ago, independent security researcher Dancho Danchev reported in his blog about an attack against ImageShack, a site similar in nature to Photobucket. Only this time, this second image-sharing site was attacked using typo squatting and users were redirected to sites that serve malware. More details from ZDNet here.
Below are some of the most notable DNS attacks on sites to date: