Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Pro-ISIS Hacking Group Continues Defacement Campaign

Pro-ISIS hacking group Team System DZ is continuing its website defacement campaign. Over last weekend several websites in Ohio and Maryland were forced to shut down after messages threatening President Trump and supporting Islamic State were posted on the sites.

Pro-ISIS hacking group Team System DZ is continuing its website defacement campaign. Over last weekend several websites in Ohio and Maryland were forced to shut down after messages threatening President Trump and supporting Islamic State were posted on the sites.

The campaign has continued through the week, often targeting education and local government authorities. On Tuesday, a Los Angeles County government website belonging to the Board of Supervisors was defaced with the same message as that posted to the website of Ohio Gov. John Kasich and a Howard County, Maryland website: “You will be held accountable Trump, you and all your people for every drop of blood flowing in Muslim countries.”

Elsewhere, the Ventura County Star reported yesterday, “The websites of numerous school districts in Ventura County went offline Wednesday morning after hackers targeted certain systems operated by the Ventura County Office of Education.” Two sites were affected, but a further five sites were taken down by the authorities as a precaution.

Exact details of the hack are not clear, only that visitors were redirected “to a group’s webpage where pro-ISIS views were posted.” Team System DZ is not named, but the report adds, “The group behind the Ventura County hacking also is suspected of targeting the website of Ohio Gov. John Kasich on Sunday as well as a government website for Howard County in Maryland.”

The campaign is not limited to the US. Yesterday, the Department of Basic Education in South Africa announced, “A short while ago we discovered that the Department’s website has been hacked. The people who breached the website have since posted gory pictures of decapitated corpses, some of whom are children.”

The authority then posted the hackers’ message, apparently in full: “Hacked by Team System DZ. A message to the government, the American people and the rest of the world. Is this the humanity that you claim, or is life irrelevant to Muslims? Do not imagine that these acts against Muslims will pass you and we will forget what you did to the Arab and Muslim peoples all over the world. I love Islamic State.”

At the time of writing this report, the site in question (www.education.gov.za) is still down.

On Tuesday, Ars Technica claimed that the initial weekend hacks had a common factor: “they were running on an outdated version of the DotNetNuke (DNN) content management platform.” The implication is that if the hacked sites had updated their software they would not have been so easily breached. DNN patched the vulnerability in May 2016.

It is not clear whether all .the hacked sites used a similar outdated platform, but it is quite possible. While updating website software to the latest version is always good advice, at this moment it would seem an imperative for all DNN users.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...

Cyberwarfare

While cyber eyes are trained on Russia, we should remember that it is not the West’s only cyber adversary. China, Iran, and North Korea...