What is a Defacement?
Website defacement is a hack that often involves adding malicious images to the website homepage and other important pages. Beyond the initial embarrassment, the effects of defacement can include loss of traffic, revenue, and trust in your brand.
Defacements are usually simple, requiring little technical knowledge. Hackers often use them to spread awareness of an issue and it’s often referred to as “hacktivism” – whether social or political.
A defaced website also adversely affects the way your audience relates to your brand. This is especially true if you have an e-commerce site, because potential customers may believe that security is an issue on your site and can be lost forever.
How Often Do You See Defaced Websites?
In our latest hacked website trends report, we show that website defacements make up about 5.5% of the malware families we tracked in 2017. This is an increase of 1.5% compared to the total compromised websites cleaned by Sucuri in 2016.
Since a defacement is highly visible, they are usually noticed right away by visitors. Therefore, website owners deal tend to deal with them quickly.
When looking for defacements, most security scanners search for keywords, such as “hacked by ____”.
This type of content has not been seen in any other form of malware; only the typical “Hacked by _____”, or “Owned by _____” message, or an otherwise unwanted defacement of someone’s website.
The HotSpot Shield Free VPN
A single Google search revealed that anchorfree.net is associated with the popular HotSpot Shield VPN. It has millions of downloads in the Google Play Store alone (HotSpot Shield VPN also offers browser plugins for non-mobile users).
There is a free and a paid version of their VPN service. However, in the last year or so, there have been demands for federal authorities to investigate them for deceptive practices, detailed in the official complaint against them.
So what does this have to do with hackers and their defacement pages? Well, we know (in the majority of cases) hackers want to be anonymous. Nowadays, that usually involves using at least one VPN or more.
Nevertheless, hackers (or script kiddies) who perform defacements are often inexperienced. They may lack the suspicion one should have when dealing with “free” services, like HotSpot Shield VPN, or any other free online services. The question they should ask is, how do they monetize their operation?
Hackers Can Be as Vulnerable as Anybody Else
The purpose of explaining how HotSpot Shield VPN works is to show that even hackers can be victims of one of the biggest hurdles in website security: the human’s ability to override otherwise secure settings.
This is most common instance is downloading some type of software – in this case, a free VPN service –unknowingly exposing the user to malware or PUPs (potentially unwanted programs).
Another common instance of this human factor is social engineering; a psychological manipulation that is performed in order to obtain personal information or to have somebody perform unwanted actions.
In short – it is very important to always be suspicious of products advertised as “free”. One must ask what the product or service may be giving away, taking advantage of, or exposing in exchange for their free service.
What Happened to the Defaced Websites?
How Can I Protect My Website Against Defacement?
If you are concerned your website could be defaced, we highly advise taking precautions. First of all, have a website application firewall activated in your website so you reduce the risk of having a website infection. Then, have a good backup solution to ensure you can get up and running in case of a catastrophe.
*** This is a Security Bloggers Network syndicated blog from Sucuri Blog authored by Luke Leal. Read the original post at: https://blog.sucuri.net/2018/09/unsuccessfully-defaced-websites.html