Turkish Hacker Targets NZ Sites

TURKISH HACKER TARGETS NZ SITES
By Schwarz Reuben

The Dominion Post (Wellington, New Zealand)
February 14, 2007 Wednesday

NEARLY 600 New Zealand websites have been hijacked by a Turkish
computer hacker.

The attack hit Kiwi websites and 300 international sites hosted on
the same American-based server, a computer that holds the information
displayed on Internet pages. The Kiwi websites were hosted mainly by
Vodafone- owned Internet provider ihug.

In each case, the content of the website’s homepage was replaced
with an animated knight, Turkish pop music and a cryptic message in
Turkish. Closing the page triggered a pop-up to a Turkish hacking
website.

The hacker, calling himself "Iskorpitx", is one of the world’s most
prolific, responsible for about 180,000 attacks since 2003. He is
believed to be a 45-year-old Turk, whose previous attacks included
anti-French, anti- Greek and anti-Armenian diatribes.

This time his motive is more cryptic. The message on the hacked Kiwi
sites means "the worldwide brand can not be imitated", according to
translation firm A2ZTranslate.

Ihug spokeswoman Annabel Gould said the company was aware of only
about 60 businesses that had been affected. However, an informal
survey conducted by The Dominion Post suggests there were many more,
with about 94 per cent of the roughly 575 hacked websites polled
hosted by ihug.

Ms Gould said the security breach was fixed yesterday, but the
hacker’s page was still present on many sites because customers had
yet to upload their original home page again.

Sunday’s attack hit many types of businesses, including outdoors shops,
private investigators and cat hotels. Several businesses contacted
were not even aware their websites had been hijacked — though others
felt the sting of having their site down for nearly two days.

Canoe & Kayak owner Peter Townend said customers used its website
to buy its products and make bookings. The attack had been a "huge
inconvenience".

Glove wholesaler Omnigloves realised its site had been hijacked after
a customer complained. "We are thinking of going to another service
provider," said part-owner Ann Dodds. "What’s the point of having a
website if people can’t get on it?"

The attack occurred onan American server run by Quik.com. Ihug
inherited some clients hosted there after it bought local subsidiary
Quik.co.nz last year. Ms Gould said ihug was considering whether to
offer compensation. Where possible, it would move customers to its own
"far more secure servers".