December 22, 2024

Nigerian Electoral Commission Website Hacked

Posted on March 29, 2015 by in Security

Nigeria’s electoral commission admitted on Saturday that its website had been hacked, as the country’s crucial presidential and parliamentary elections were hit by technical problems.

“The INEC (Independent National Electoral Commission) website‎ was hacked this morning but we are trying to revive it,” the body’s deputy director of public affairs, Nick Dazang, told AFP.

“But nothing has been tampered with,” he added, without elaborating.

INEC has been under scrutiny for weeks about its preparations for the election, in particular over the use of biometric voter identity cards and new technology to cut down on electoral fraud.

Voters throughout Nigeria have complained about lengthy delays in authenticating their cards. President Goodluck Jonathan’s own card failed on the new system and he had to be accredited by hand.

The INEC website — inecnigeria.org — was allegedly targeted by the Nigerian Cyber Army. A message on the home page read: “Feel some shame Admin!! Security just an illusion.”

The site was later back online.

Subscribe to the SecurityWeek Email Briefing

view counter

© AFP 2013


SecurityWeek RSS Feed

Notepad++ Site Hacked in Response to “Je suis Charlie” Edition

Posted on January 15, 2015 by in Security

The official website of the popular source code editor Notepad++ was hacked and defaced on Monday by hacktivists protesting against the recently released “Je suis Charlie” edition of the application.

Hackers of the Fallaga Team, a Tunisian group, breached and defaced a large number of French websites following the Charlie Hebdo incident in which 12 people were killed by two masked gunmen.

The website of Notepad++ (notepad-plus-plus.org) became a target after the release of version 6.7.4, “Je suis Charlie” edition.

The attackers defaced the website with a message in which they accused Notepad++ developers of saying that “Islam is terrorist.”

In a statement published on Thursday, Don Ho, the France-based developer of Notepad++, clarified that the hackers have not compromised the binaries of the “Je suis Charlie” edition because they are stored on a different server.

“The message of the defacement accused Notepad++ of inciting hatred towards Islam and accusing Islam of supporting terrorism. The statements of Notepad++ ‘Je suis Charlie’ edition support nothing but the freedom of expression and only that. The fact of Notepad++ supporting the ‘Je suis Charlie’ movement has nothing to do with any accusation towards a specific community,” Ho explained.

“In fact the ‘Je suis Charlie’ movement in France, as far as I can tell, deserves no label of racism or of Islamophobia. I have many Muslim friends who are for ‘Je suis Charlie’. And sincerely, I don’t think that two extremist fools can stand for all Muslims or Islam itself,” he added.

The developer highlighted that those who don’t like the “Je suis Charlie” edition can simply use version 6.7.3, which contains the same features and bug fixes.

Hundreds of French websites have been defaced over the past days. Islamist hackers started launching attacks after some members of the Anonymous hacktivist movement initiated an anti-jihadist campaign in response to the Charlie Hebdo shooting.

The Charlie Hebdo incident has given hacktivists a reason to deface websites, but it has also given cybercriminals the opportunity to lure unsuspecting users to their shady websites. Researchers at OpenDNS discovered a fake BBC News website earlier this week. The site was shut down before experts could determine its purpose, but it could have been used to serve malicious content, redirect users to other websites, or for click fraud purposes.

Subscribe to the SecurityWeek Email Briefing

view counter

Previous Columns by Eduard Kovacs:


SecurityWeek RSS Feed

Yahoo! Changes Tune After Saying Servers Were Hacked By Shellshock

Posted on October 7, 2014 by in Security

On Monday afternoon, Yahoo confirmed to SecurityWeek that servers associated with Yahoo Games had been hacked as a result of the recently disclosed “Shellshock” vulnerability, but has since said its original conclusion was wrong.

In its original statement issued Monday afternoon, the company said that on Sunday night, a “handful” of its servers were impacted but said there was no evidence of a compromise to user data.

Hours later, Yahoo! Contacted SecurityWeek with a change in tune, saying that after all, the servers in question were NOT compromised via the Shellshock vulnerability, but rather a “minor bug in a parsing script”.

“Earlier today, we reported that we isolated a handful of servers that were detected to have been impacted by Shellshock. After investigating the situation fully, it turns out that the servers were in fact no affected directly by Shellshock, but by a minor bug in a parsing script,” a Yahoo! Spokesperson told SecurityWeek. “Regardless of the cause, our course of action remained the same — to isolate the servers at risk and protect our users’ data.”

The company maintained its position that no evidence has been found suggesting that user information was affected by the incident.

Yahoo! CISO, Alex Stamos provided additional details in a post to Y Combinator’s Hacker News.

“Three of our Sports API servers had malicious code executed on them this weekend by attackers looking for vulnerable Shellshock servers,” Stamos explained. “These attackers had mutated their exploit, likely with the goal of bypassing IDS/IDP or WAF filters. This mutation happened to exactly fit a command injection bug in a monitoring script our Sports team was using at that moment to parse and debug their web logs.

Stamos, who became VP of Information Security and CISO at Yahoo! in March 2014, continued:

“As you can imagine this episode caused some confusion in our team, since the servers in question had been successfully patched (twice!!) immediately after the Bash issue became public. Once we ensured that the impacted servers were isolated from the network, we conducted a comprehensive trace of the attack code through our entire stack which revealed the root cause: not Shellshock. Let this be a lesson to defenders and attackers alike: just because exploit code works doesn’t mean it triggered the bug you expected!

The original story with more background on the incident can he found here

Managing Editor, SecurityWeek.

Previous Columns by Mike Lennon:


SecurityWeek RSS Feed