It hasn’t been announced why so many websites have been hacked over the last few days, hackers Mr. Ferksh and Dr.SiLnT Hill attacked over 99 websites on South African Websites Monday, February 22, 2016. The hackers uploaded this message about the attack on many of the websites:
Dr. SiLnT Hill:
Hacked by Dr.Silnt Hill # .. Muslim Hackers Freedom Cry.. Egyptian Hackers
And Mr. Ferksh:
Hacked by Mr.Ferksh # .. Muslim Hackers Dr.SiLnT HilL.. Egyptian Hackers
It would not appear that these attacks are politically or emotionally motivated, and as of yet we haven’t received any knowledge stating otherwise, and it’s undoubtedly due to the hackers uploading executable files to the server (f.htm, ferksh.htm and eg.htm) to over-run security protocols and allow the attack.
How Did They Get Hacked?
According to zone-h records, (Dr.SiLnT Hill and Mr. Ferksh) both hacked Windows 2012, but Dr. SiLnt Hill had hacked Linux servers the day before, and had left the following messages:
From : Je Suis Mohamed
Content# : fb.com/dr.silnt
Gr33Tz T0 :Freedom Cry .selin Aydin. Team 1337Explit F/L ..Forever
Owner Hacker Egypt
(You can view the cached mirror image of this hack here)
We believe that it’s most likely that hackers gained access to the Administrative function of Windows programming to take advantage of the servers and hosts to post their html hack page on the websites that were affected. We aren’t completely sure how they gained access to the Administrative user functionality, this is by far the easiest way for hackers to breach a Windows 2012 server. We’ll keep you updated as this case evolves, and inform you if the situation changes.
To view the list of websites that got hacked, click here.