A hacker going by the name of “aDriv4” has exploited and defaced 21 official Italian governmental websites on Wednesday, February the 1st. The hacker injected the websites via an exploit and uploaded a defacement file named “adrix.gif” onto the websites.
The targeted websites include websites such as
icrsanzio.gov.it
scuolafilottrano.gov.it
comprensivogaggiano.gov.it
cpiapordenone.gov.it
icmanzonicorridonia.gov.it
icmpolo.gov.it
(Full list of defaced websites can be seen here)
The hacker defaced the government websites by uploading a gif formatted image stating:
Hacked by aDriv4
hacker girl
hacking is my passion! <3
As of this moment, the websites have been restored and the defacements have been removed by the web administrators. It is clear to see that the hacks were not politically motivated and merely just for fun. No damage seems to be have been caused by the hacker, however the main vulnerability in the websites seem to have come from a WordPress plugin. The defacement gif formatted images were all uploaded to the same directory on each site. (www.*****.com/wp-content/gallery/42/vz/)
We advice the web administrators to have a look at the log directories and pinpoint which plugin was exploited so as to avoid the same exploit being injected again. It is unclear whether a patch has been deployed by the plugin developers at this moment in time and no official announcement or statement has been reported from the Italian Government. Hacks like these are not very uncommon and thousands upon thousands of websites fall victim to such exploitations and attacks every single day, and we can learn from this incident by remembering to keep your websites thoroughly updated and patched with the latest plugins used.
