A single hacker defaced a total of 12 South African Web sites - all of which were running on Windows 2000 - on 15 December. The attacks took place between 6am and 6.20am.
It is not known if the hacker, known as "badsector", has any affiliation to a group of Brazilian hackers called "r00t3rs", who recently caused havoc by defacing a large number of local sites.
It was initially believed that "r00t3rs", linked to the defacement of dozens of SA Web sites over the past two months, was a single hacker, but it was later discovered that it was a group of Brazilian high school teenagers.
Justin Stanford, of security company 4D Digital Security, traced the group by building a profile of the evidence left behind when it defaced local sites. His profile showed that the group consisted of members of high school age who were most likely to be "hacking for fun".
After establishing contact with members of the group through an online chat room, he was told that their actions were intended "to punish those administrators that are not security conscious".
This latest attack by "badsector" saw all content removed from the sites, to be replaced with the message: "badsector ownzz...greetz: Elemento_pcx - phyr3 - JTec bads3ctor@linuxmail.org".
According to Reinhardt Buys of Buys Attorneys, It is not uncommon for hackers to leave their e-mail addresses on hacked sites.
Buys says although hacking is a crime in South Africa, site owners cannot act easily against a hacker that acts from outside the country`s borders. However, if the Internet service provider did not use the necessary security technology, the hacked site may be able to claim for damages from the ISP.
Related articles:
Hackers deface SA sites for fun
Hacker continues trail of malice
SA sites hit by hacker
Share