Short Bytes: John Matherly, the founder of the hacker search engine Shodan, releases a list of the most efficient hacking groups that love to deface websites. He has recently published the third edition of this list on Shodan blog. A Turkish hacking group named GHoST61 has topped the list for the third time. Talking about the underlying server technology, Apache Web was the most affected one.
The latest top 10 most efficient hacking groups list was released yesterday and it features GHoST61, a Turkish hacking group, at the top. This relatively unknown group has topped the list once again after claiming the top title in the previous two versions.
If we look at the list from previous years, there are just 4 familiar names in this year’s list — r00t-x (moved down 1 rank), TechnicaL(moved down 2 ranks) and virus3033 (moved down 2 ranks).
Most of the attacks by these groups are opportunistic, which means that hackers just come across the unprotected websites, leave the defacement messages behind and move to bigger targets.
Top 10 website defacing hacking groups as of Jan 2016:
- GHoST61: 51
- Kadimoun: 39
- AnonCoders: 35
- r00t-x: 31
- Shor7cut: 28
- Owner Dzz: 27
- Toxic Phantom FROM BANGLADESH BLACK HAT HACKERS: 27
- TechnicaL: 21
- virus3033: 21
- Yuba: 17
If we come to the top targets of website defacers, the servers of Ecommerce Corporation remain the most affected, followed by Godaddy and Unified layer. The new entries in the list are CyrusOne, iServer Hosting, SoftLayer, New Dream Network and Digital Ocean.
Top 10 organizations containing most number of defaced websites:
- Ecommerce Corporation
- Unified Layer (+1)
- GoDaddy (-1)
- iServer Hosting
- SoftLayer Technologies
- Media Temple (-1)
- Peer1 Dedicated Hosting (-4)
- New Dream Network
- Digital Ocean
About the underlying server technology, the Apache Web is the most affected with 1,584 defaced websites. It’s followed by nginx with 222 and Microsoft’s ISS with 111 instances. Here’s the complete list:
Have something to add to this story? Tell us your views in the comments section below.