Yesterday I visited www . nakumattholdings . com and instead of a normal web, only an image an the next text appeared: “Hacked by Sole Sad & invisible. Iranian Hackers Were Here” like can be viewed in this image: pic.twitter.com/0USM77h46c
My computer apparently works well, I’m doing a full system analysis with my Avast Antivirus and until the moment he hasn’t detected anything, but, can I have been infected? I don`t know if they only have hacked the page or if they are also trying to hack visitors.
This was the hack being performed (just defacement, apperently nothing infectious, but the site is hackable): [ Hacked By ALFA TEaM ]==—<link rel=“shortcut icon” href="
htXp://sole-sad.persiangig.com/image/peace-and-love.jpg" Iranian hackers operating from a USA IP.
Here you see what is out there: http://urlquery.net/report.php?id=5804098 http://urlquery.net/report.php?id=5430574 IDS alert for “ET CURRENT_EVENTS Executable Download named to be .com FQDN”
meaning “Fully Qualified Domain Name” → http://doc.emergingthreats.net/bin/view/Main/2011495 (indicating trojan activity)
line 10: 10:< img src=“htxp://sole-sad.persiangig.com/image/peace-and-love.jpg”> Iranian hackers
(defacement with the web page modified). Generally done for fun, political reasons and by script kiddies
This is being flagged by avast! Web Shield : htxp://ist.net.sa/ as infected with JS:Defacement-H[Trj]