Congressional web sites defaced

Visitors of websites of some Congressional representatives and of a few committees were greeted on Wednesday evening by a short message with colorful language.

The websites were apparently defaced shortly after President Obama’s first State of the Union address, and according to the message the culprits are three hackers from the Brazilian RedEye Crew, which has been operating for a while, and have defaced thousands of websites through this period. Most of these sites were Brazilian, and some of them – 453 to be exact – belonged to its government.

Praetorian Prefect reports that this time around, the victims were Congress representatives Charles Gonzalez, Spencer Bachus, and Brian Baird, Ray Lujan, Harry Teague, Steve Driehaus… The list of defaced websites kept on growing:

altmire.house.gov
arcuri.house.gov
bachus.house.gov
baird.house.gov
barrow.house.gov
bilirakis.house.gov
boccieri.house.gov
bright.house.gov
campbell.house.gov
carnahan.house.gov
carson.house.gov
charliewilson.house.gov
childers.house.gov
coffman.house.gov
dahlkemper.house.gov
davis.house.gov
doggett.house.gov
driehaus.house.gov
energycommerce.house.gov
gonzalez.house.gov
gop.cha.house.gov
hersethsandlin.house.gov
honda.house.gov
hunter.house.gov
joewilson.house.gov
kirk.house.gov
kosmas.house.gov
larson.house.gov
lipinski.house.gov
lofgren.house.gov
lujan.house.gov
mccollum.house.gov
mcnerney.house.gov
mikepence.house.gov
mitchell.house.gov
mollohan.house.gov
murphy.house.gov
murtha.house.gov
olver.house.gov
quigley.house.gov
republicans.financialservices.house.gov
republicans.oversight.house.gov
resourcescommittee.house.gov
roe.house.gov
schakowsky.house.gov
shea-porter.house.gov
teague.house.gov
tierney.house.gov
welch.house.gov

It seems that the reason the hackers defaced those sites and not others has nothing to do with politics. All of the sites on this list are managed by GovTrends, a private web development company from Virginia, to whom this is not the first time to be bested like this – half a year ago 18 official House sites they were managing have been hacked.

It is yet unknown how the hackers have managed to perform this action, but it is speculated that perhaps a security vulnerability in the Joomla content management system could be blamed, since all the websites have that in common, and this particular group of hackers has defaced Joomla.org website a year and a half ago.

Don't miss