Chris Mosby at myITforum.com

Jun25

Turkish Hackers Relive Memories in Photobucket

by Jovi Umawing (Technical Communications)

Photobucket, one of cyberspace’s more popular image sharing Web sites, was attacked by the Turkish hacker group NetDevilz. Reports spread in forums or discussion boards and security blogger posts. The Register also reported of the attack.

Hackers were said to have used a Domain Name Server (DNS) hack that results to anyone who accesses photobucket.com to be directed not to the legitimate page but to a greeting page from the hackers who performed the attack. A screenshot of the said page can no longer be replicated at this time, but one of the forum posters saved the text (in Turkish), which are as follows:

# NeTDevilz #
… ve NeTDevilz yeniden sahnede
Bizi hatırlayan var mı ? Unutulduğumuzu düşündük ve tekrar
hatırlatmaya karar verdik !
( Turkish hackers group )
ZeberuS - GeCeCi - MiLaNo - The_BeKiR - h4ckinger - SerSaK - KinSize
we are came back !
©2008 NetDevilz Co.
We’re not first,But We’re the BEST!

The text approximately translates to the following (thanks to a post from Paul Mah):

“Is there anyone who remembers us? We thought you forgot us and we decided to remind you again.”

Though Photobucket.com is already back to normal, those concerned about this issue are still waiting for an update from its owners, but as of this writing, no word has been out as to whether the image hosting site would confirm that its servers had indeed been hacked, and also the scope of damage. Users, unfortunately, are left to content themselves with this response, which Photobucket posted in its own forum, much to the frustration of those concerned:

Almost two weeks ago, independent security researcher Dancho Danchev reported in his blog about an attack to ImageShack, a site similar in nature to Photobucket. Only this time, the image-sharing site was attacked using typo squatting and users are directed to sites that serve malware. More details from ZDNet here.

As to motive, it seems the Turkish hacker group is only out this time to lay on some good ol’ cyber vandalism (note that the attack seems to have been conducted against Photobucket’s servers, and not on affected systems as others may think). The fact that the Turkish hacker group has successfully infiltrated the image-sharing site’s servers is a neon warning sign that they can do more damage to the site–or any site for that matter–than just putting up a sign to declare their existence. Perhaps it is a wise move to take this ‘threat-greeting’ seriously. No one knows if they’d be the group responsible for cooking up the next hottest security threat that can cripple a bigger chunk of cyberspace. Here’s to hoping that would not be the case.

Below are some of the most notable DNS attacks on sites to date:

• Al Gore’s Site Hacked
• Comsat Hacked
• Internet Root Server Hacked
• Metasploit Hacked
• YouTube Hacked