Original ANCYL website hacker speaks out

The website of the ANC Youth League has been a frequent target of hackers and was defaced twice last week – once on Sunday, 24 July 2011, following media reports of Julius Malema’s trust fund, and again on Monday during an ANCYL press conference.

An individual claiming responsibility for the hacks reached out to MyBroadband to set the record straight, explaining that the timing was co-incidental and that they had contacted the website administrators.

Unwembi, the web development and hosting company for the ANCYL website, confirmed that they had received communications from someone claiming to be the hacker.

Floyd Shivambu, spokesperson for the league, told the M&G that the ANCYL website was under attack by right-wing white people. “Even the web developer has said such people are doing that,” Shivambu said.

Unwembi disputed this, and the person claiming to be the hacker said that their motivations were borne out of curiosity, not politics.

First!

The hacker who posted the Dumb & Dumber image on Monday, 25 July 2011 explained they used a vulnerability left there by a previous hacker.

ANCYL website hacked - 25 July 2011
ANCYL website hacked - 25 July 2011

This hacker, or hacking group which calls themselves the {Blah} {Blah} Protest Group, has now taken responsibility for creating the vulnerability and doing the original hack on the ANCYL website in March 2011 . They also claimed responsibility for last week Sunday’s hack and a hack that hadn’t been reported in the media that added a comments section to the website.

“Our Hacks are the ones that look like they are part of the website,” the group said.

According to a {Blah} {Blah} representative, who is also the hacker credited with the first defacement of the ANCYL website, they breached the security of the ANCYL webserver by exploiting a vulnerability in a website that was hosted on the same server.

An attack known as local file inclusion (LFI) was used to get the database password of the vulnerable website, which {Blah} {Blah} said turned out to be the same password needed to access the backend systems which yielded them the database password for the ANCYL server.

With access to the database, the hacker was able to place a false post announcing the resignation of Julius Malema.

The hacker said that Unwembi has since fixed this vulnerability.

Unwembi didn’t comment on whether this was the case by the time of publication, but an independent security expert who wished to remain anonymous confirmed that the site from which the original attack was staged appears to have been moved to a different server.

The security expert also said that the details of the attack sounded legitimate as many sites on shared hosts get hacked due to the fact that a vulnerability in one can expose them all to attack.

The approach detailed by {Blah} {Blah} also sounds plausible and likely, the expert said, adding that the claims can’t be proven without confirmation from Unwembi.

Hactivism 101

In a recent post from their Twitter account, the group responded to Shivambu’s allegations that the attacks come from “right-wing white people.”

“Floyd seriously White and Right Wing. Wrong and Wrong again,” the tweet stated. “We are not promoting a racist agenda we are instead protesting against stupidity.”

Asked about their motivations for the hacks, the {Blah} {Blah} Protest Group said that they really love South Africa and could not sit idly by when someone is blatantly trying to incite violence and racial tension.

“So we discussed a simple plan to let people see what kind of a person Julius really is.”

The plan involved using slapstick humour to talk about the issues, “Hence ‘Blah Blah’,” the group said.

According to {Blah} {Blah} the ANCYL site is still vulnerable.

“We will continue to provide relevant thought-provoking humour on the ANCYL website until such time as common sense finds its way back into that organization,” the {Blah} {Blah} Protest Group said.

 

Latest news

Partner Content

Show comments

Recommended

Share this article
Original ANCYL website hacker speaks out