19
Jan 10

Hundreds of Network Solutions Sites Hacked

Web site domain registrar and hosting provider Network Solutions acknowledged Tuesday that hackers had broken into its servers and defaced hundreds of customer Web sites.

The hackers appear to have replaced each site’s home page with anti-Israeli sentiments and pictures of masked militants armed with rocket launchers and rifles, alongside the message “HaCKed by CWkomando.”

According to results for that search term entered into Microsoft’s Bing search engine, there may in fact be thousands of sites affected by this mass defacement.

One of the defaced pages belonged to Minnesota’s 8th District GOP, according to a story in The Minnesota Independent, which said the Arabic writing that accompanies the defaced pages contains the dedication “For Palestine,” and the repeated phrase “Allahu Akbar” [God is great].

Network Solutions said the hackers were able to get in by exploiting a “file-inclusion” weakness in the company’s Unix servers. So-called remote file inclusion attacks are quite common, and can let attackers insert code that gives them backdoor access to and control over the affected server. Network Solutions said it is in the process of helping customers restore their sites.

“These incidents are regrettable and we apologize for the inconvenience,” the company said in its statement.  “Due to the nature of the web, the race between technology and the bad elements is a challenge that companies face continually.”

Network Solutions said there was no danger to customers’ “personally identifiable or secure information” as a result of the incident. Other recent break-ins at NetSol have not been so benign: Last summer, hackers broke into a number of Network Solutions Web servers and planted rogue code that resulted in the compromise of more than 573,000 debit and credit card accounts.

Let this be a helpful reminder to all of us who run a Web site that no matter how much you have done to lock down your Web site, a hiccup, server crash or break-in at your hosting provider can deep-six your site in a heartbeat. If you don’t already know how to do so, take some time before it is too late to learn how to backup and restore your site (look for a future blog post for a primer or two on this very topic).

Tags: , ,

42 comments

  1. Network Solutions ia an unholy den of spammers. NS client aweber.com claims to be sending ads to 40,000,000+ email boxes each month with no worry about receiving a spam complaint. The statement is presumably based upon malafide aweber-NS relationship. NS has no abuse report information on homepage and refuses to accept spam complaints against its domains hosted elsewhere. I solicit a worldwide bycott of Network Solutions.

  2. Nework Solution again Hack, my email was cleaning up this morning. My 2 email are blocked for 2 days.

  3. “Last Tuesday.” Uh, yeah, that’s a great date. So, this could be last tuesday 3 million years ago, or last tuesday today. Great.