The official website of the United Kingdoms’s Police Department has been hacked and defaced by the hackers going by the alias of “K3L0T3X” and the hackers collective going by the name of “TurkHackTeam”. The attackers hacked into the websites subdomain, NAVCIS (National Vehicle Crime Intelligence Service), defacing the websites pages by editing a previous post and plastering their own message instead.
The hacker K3L0T3X posted this message in his defacement of the website:
Hacked By K3L0T3X
Greetz : Prosox, RxR, General KBKB
\!/F*ck Nofawkx Al. I was in Nofawkx Before you ~Hacked By K3L0T3X\!/
On another page of the same website, the Turkish hacking group, TurkHackTeam posted:
….::: x1x1pezo1x1x and takisik (defacer taki) hacked by TurkHackTeam.org ….:::
As of the moment of the writing of this article, the website is still defaced. The motives behind the attacks are unknown as of yet. It is still too early to know whether or not the hackers stole any confidential files and data from the Police departments databases. However, it can be assumed that the attackers only did it because they found a vulnerability within the website. The web administrators of the website and the UK Government are yet to address the breach.
High profiled defacements such as this one have been attacked by hackers from all over the world in similar fashion the second the WordPress REST API Exploits were discovered. Websites who failed to download the patch and upgrade deployed by the WordPress Security Team have all been targeted.
Millions of websites were affected by the vulnerability with websites of high profiled organisations such as MIT and now, the UK Police Department being targeted and defaced.