How it feels when you open your favourite website and if you see a skull symbol on it? Awful right .. Imagine the feeling of website owner.
Owner of thenextweb.com faced the same issues, ofcourse he restored the site after hacker attack using wordpress vulnerability and after the obvious restore, he didn't leave the hacker and he traced out him using his email address which used as master email to hack and had a chat with him.
Below is the conversation(source : thenextweb.com) and the hacker is a kid. I Hope you enjoy reading too...
Hacker Kid : Hey! Blog Owner : Hi Sorry, was busy for a moment there. So how are you today? Hacker Kid :Fine and you? Blog Owner :Very good. Can U ask you a few questions about hacking my blog? Will use it for a blogpost on TheNextWeb.com Hacker Kid : Yes you can Blog Owner :Cool. First: how did you do it? Hacker Kid :Well, I used a vulnerability to bypass the admin account. Blog Owner :A vulnerability in an old version of PHPMyAdmin, right? Hacker Kid :No in the wordpress itself. Blog Owner :Really? Cool. And that allowed you to reset the master email address? Hacker Kid :Yes, exactly. Blog Owner :So how did you find out my blog was vulnerable and why did you pick my blog? Hacker Kid :Well, I just searched with google some blogs and I found yours. Blog Owner :You searched for blogs running older versions of WordPress? There must me millions of those right? Hacker Kid :Yes, but they are not all vulnerable and I didn't hacked just your website. Blog Owner :Ah, so how many websites do you hack a week and how many have you hacked in total? Hacker Kid :Well, in total I don’t know but in a week if I have time I can hack a maximum of 50 thousand website, it depends if I found a vulnerability or not. Blog Owner :50,000 websites??? Amazing! So why do you do it? Hacker Kid :Well, we are a hacking team so we do this to protest against somethings, for example the last month I think there was a genocide agains the Uygurs in the west of China and we just hacked around one thousand websites of the chinesse government. Our web page is: www.ayyildiz.org Blog Owner :On my website you replaced my blog with a Turkish text (which i couldn’t read) and an animated GIF of the turkish flag, right? What was that for? Hacker Kid :Well, it was a power demonstration operation against our ennemies so that’s it. Blog Owner :Enemies? Who are your enemies then? Are they Turkish? Hacker Kid :Well, we have a lot of ennemies, our bigest ennemies are Russian hackers and Brazilian hackers. Blog Owner :How much traffic or attention does it get you to hack blogs? I mean, it seems not so effective to go through all the trouble of hacking blog and then displaying a message that only Turkish people can read, right? Hacker Kid :Yes, of course your right, but it was because of a power demonstration, we hacked the United Union this year and there was a message to them, if you want you can search about it, I saw it in the European press. Blog Owner :Okay, that sounds like you could learn a lesson in marketing if you ask me. If I would hack 50,000 blogs a week I would make sure to have a multi-language message there, a link to my website and a cool design. do you know how long blogs stay hacked on average? My host restored my blog within the hour and I’m wondering how long it generally takes before blogs get restored? Hacker Kid :Well, it depends, in general it takes 2 or 3 days. Blog Owner :Do you have a link to a blog you hacked this week that hasn’t been restored yet? Hacker Kid :Wait a moment I will look. There is one I think: http://www.serviaduanas.com/ Well :D, actually if I don’t hack those websites some other people will find the vulnerability and hack it so I don’t think about it. But yes I know it ruins some peoples day because I had also I website hacked. Blog Owner :That really isn’t a good excuse right? You can always make the personal choice not to do it. Just because some people steal doesn’t mean you have to do it too? But okay, next question: how old are you? Hacker Kid : I’m 17 years old. Blog Owner :What are your plans for the future? Hacker Kid : Well, I’m a student and I’m in the economies section of my school, in the future I would like to be a broker or something like that but I won’t stop hacking because it’s just like a game for me. Blog Owner :A game that could get you jailed and annoys a lot of people? Next question: You mentioned that you were surprised that I contacted you. Why? How many people contact you when their blogs get hacked? Hacker Kid :Well, generally if somebody contacts me he or she just insults me and his or her situation becames more bad. :yes I was surprised to be contacted for a short interview. Blog Owner :I see, and if they insult you you take that as an invitation to hack them again? Hacker Kid : There’s an article about the UN but it’s Turkish: http://www.haberturk.com/haber.asp?id=161133&cat=180&dt=2009/07/27 Hacker Kid : Well, yes and sometimes I just bomb their e-mail account so that they can’t use it more. Blog Owner :You sounds like a skilled hacker. Don’t you think you could use those skills for more interesting stuff? Like starting a company online or working as a developer? Hacker Kid :Yes, of course I think I can start a company but for starting a company we need time and that’s the biggest problem, as I’m a student I have to study. Blog Owner :But you do find the time to hack 50,000 websites a week? :-) So, thank you for your time. Is there anything you would like to tell me or our readers? Hacker Kid : Well, I thank you too for spending your time and no I don’t want to say something special to your readers. Blog Owner :Well, I do have one last request: please don’t hack me any more… Hacker Kid : Okey :)