A malicious hacker, going by the name r00t3rs, continued to deface Web sites with a .co.za domain name last week. The hacker has been linked to more than 30 Web site defacements over the past two weeks.
The hacker tends to focus on Web sites hosted at hosting companies, making it possible to compromise a much greater number of sites at a time. So far he appears to have focused on two hosting companies, but others may be targeted.
Francis Cronje of Buys Attorneys, who has been following the hacker`s movements, says: "The last week has seen a continued attack on local sites. We`ve never seen anything like this. Attempts to trace the hacker to an IP address or computer have failed thus far. The fact that this person focuses so much on local sites gives me the idea he or she is a South African."
Some of the sites that were hacked late last week, such as www.audiospectrum.co.za, have been attacked again by other hackers this week, indicating that the underlying systems have not been patched yet.
Another hacker has also emerged locally. Known as int3rc3pt0r, the hacker has defaced a number of local sites, including www.vishuis.co.za. Unlike r00t3rs, this hacker does not remove the front page of the site and replace it with his own, rather adding his message into the body of the page.
Share