Albanian hackers attack a site and post message against the JP-AVAX construction company!
The J & P-AVAX SA Group is one of the most well-known construction groups in Greece. It includes companies with 7th, 6th, 4th and 3rd class contractive degrees for government projects, as well as companies doing complementary activities, such as real estate, prefabrications, vehicle technical control centers, parking construction, management and exploitation, building management, electronic commerce, project and contract management, timber impregnation, renewable energy exploitation, wind and photovoltaic parks development, etc.
The hacking group AHT-Crew, self-proclaimed Albania Hacker’s Terrorist (Albanian Terrorist Hackers), gained unauthorised access to the construction company site, http://intranet.jp-avax.gr, and posted a message. As apparent from the website name, it is likely that access in the company’s network (Intranet) was given from an internal server.
You can see the posted message below:
The message of the Albanian hackers (nicknamed as Dr.Injection, MR.VIRUS, Individ ^ H4ck and Generaal AI) is purely of nationalist content. The hackers exploited a system functional weakness (the accessed server was the old IIS / 6.0 version) leading to the message post.
Our assessment is that the group does not have high expertise, but, that the attack took place due to deficiencies or forgotten upgrades of the company’s operating system!
It is not the first time the company was targeted by Albanian hackers. In 2012, a subsidiary of JP AVAX had been also targeted.
Unfortunately, it can not be ascertained what information was intercepted by the Albanian hackers and whether the server was dual-homed ie. hackers got simultaneous access to internal data network as well as the Internet.
However, it is certainly something that managers should investigate DIRECTLY to verify the type of data that were targeted, the origin and type of attack.
Find out how to protect your business at: http://cyber.aspida.org