Top 10 Most Active Hacking Groups That Love To Deface Websites


top hacking groupShort Bytes: John Matherly, the founder of the hacker search engine Shodan, releases a list of the most efficient hacking groups that love to deface websites. He has recently published the third edition of this list on Shodan blog. A Turkish hacking group named GHoST61 has topped the list for the third time. Talking about the underlying server technology, Apache Web was the most affected one.

Shodan is often labeled as the ‘world’s scariest search engine‘ or the hacker search engine. It was created by John Matherly who named this project after the evil computer in the video game System Shock. Every six months, he publishes a list of the top 10 most active hacking groups from all around the world when it comes to defacing websites.

The latest top 10 most efficient hacking groups list was released yesterday and it features GHoST61, a Turkish hacking group, at the top. This relatively unknown group has topped the list once again after claiming the top title in the previous two versions.

If we look at the list from previous years, there are just 4 familiar names in this year’s list — r00t-x (moved down 1 rank), TechnicaL(moved down 2 ranks) and virus3033 (moved down 2 ranks).

Most of the attacks by these groups are opportunistic, which means that hackers just come across the unprotected websites, leave the defacement messages behind and move to bigger targets.

Love Hacking And Pentesting? Get Started Here

Top 10 website defacing hacking groups as of Jan 2016:

  • GHoST61: 51
  • Kadimoun: 39
  • AnonCoders: 35
  • r00t-x: 31
  • Shor7cut: 28
  • Owner Dzz: 27
  • TechnicaL: 21
  • virus3033: 21
  • Yuba: 17

If we come to the top targets of website defacers, the servers of Ecommerce Corporation remain the most affected, followed by Godaddy and Unified layer. The new entries in the list are CyrusOne, iServer Hosting, SoftLayer, New Dream Network and Digital Ocean.

top products most affected server organizations defaced websites

Top 10 organizations containing most number of defaced websites:

  • Ecommerce Corporation
  • Unified Layer (+1)
  • GoDaddy (-1)
  • CyrusOne
  • iServer Hosting
  • SoftLayer Technologies
  • Media Temple (-1)
  • Peer1 Dedicated Hosting (-4)
  • New Dream Network
  • Digital Ocean

About the underlying server technology, the Apache Web is the most affected with 1,584 defaced websites. It’s followed by nginx with 222 and Microsoft’s ISS with 111 instances. Here’s the complete list:

top products most affected server techology defaced websites

Have something to add to this story? Tell us your views in the comments section below.

Love Hacking And Pentesting? Get Started Here

Adarsh Verma

Adarsh Verma

Fossbytes co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email — [email protected]
More From Fossbytes

Latest On Fossbytes

Find your dream job