Linux Knowledgebase Portal

Posted on: Sep 5, 2011


Ups.com hacked

Numerous people noticed that the UPS.com website was defaced yesterday. While groups like LulzSec and Anonymous have been receiving most of the publicity recently, there are still other people out there looking to attack sites and today a group calling themselves TurkGuvenligi (translated to Turkish Trust League) is responsible for the defacement. The group appears to be Turkish, based on the flag on their Twitter feed. In addition, Google Translate indicates that their tweets are in Turkish.

 

The group placed a splash page that proudly stated “hacking is not a crime.” In addition the group has declared today as “World Hackers Day.” Not only was the UPS website attacked, but according to zone-h, Vodafone.com, theregister.co.uk, acer.com, betfair.com, nationalgeographic.com, and telegraph.co.uk were also attacked. Since all of these companies use NetNames as their registrar, it’s now known that the group didn’t attack the companies’ actual servers but instead modified DNS records to point the sites to the splash page.

Last month, Softpedia reported that the group defaced HSBC’s Korean website. It doesn’t appear that any data has been taken from any of these attacks but the group does appear to be ramping up it’s attacks recently.

Based on G4TV forum posts, the UPS site appears to have been down for roughly thirty minutes, although actual times would depend on how long each individual DNS server had the bad information cached.

A simple whois to ups.com still showing the turkish nameservers instead of them. Where are the IT guys at ups.com?