Security16.02.2016

Anonymous nailed 3,392 sites on Webafrica – this is how they got in

Anonymous South Africa TobitowTHA defacements

A hacker who associates with Team Hack Argentino and the Anonymous collective, TobitowTHA, has claimed responsibility for defacing 3,392 South African websites.

Based on the URLs the hacker published, all of the defaced sites were on Webafrica’s shared hosting infrastructure.

Tobitow has told Softpedia that he used a Joomla vulnerability to get in and deface the websites.

This is a common approach to a mass defacement attack on shared hosting servers — exploiting a weakness in one site on the server to gain access to all the sites hosted on it.

OpAfrica

TobitowTHA #OpAfrica defacement

Tobitow said that he did not steal any of Webafrica’s customer data, or information from the defaced websites.

He said that what matters here is that the #OpAfrica message reaches people around the world.

Anonymous announced Operation Africa, or #OpAfrica, at the start of February, saying that it would focus on “a disassembly of corporations and governments that enable and perpetuate corruption on the African continent.”

It would also focus on child abuse, child labour, and Internet censorship within Africa.

While some of the defaced sites remain online and usable, many have been taken offline.

Webafrica was asked for comment on TobitowTHA’s attack on its servers, but it did not respond by the time of publication.

Tobitow's list of defaced Webafrica sites

A screenshot of Tobitow’s list of defaced Webafrica sites

Anonymous hacks and leaks South African government data

Massive number of South African websites hacked by Anonymous

ANC Government on Anonymous hack list

Anonymous hacks SA government database

Show comments

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter