Two recent attacks targeting Web hosts, with LulzSec and its affiliates being the prime suspects, raises concern that the groups are targeting everyday users in their attacks, and taking websites offline.
In the latest attack, account data stolen from Web hosting company JustHost was posted to Twitter by hacker group @ContraHax on June 23.
According to The Hacker News, which alerted JustHost admins of the attack, the breach appears to be part of AntiSec launched by LulzSec and Anonymous Operations in an attempt to wage war on all governments and digital security companies.
Included in the leaked data is critical information of thousands of websites, including a DNS file, website directory, and a password backup.
The breach paints a concerning image, given that LulzSec is suspected of a June 11 attack against Australian Web hosting company DistributeIT. The attack caused the loss of at least 4,800 websites, which the company stated were “unrecoverable,” leaving website owners with nothing. The attack was particularly devastating for online business owners.
The company stated in its blog that the attack was a “deliberate attempt to take down the DistributeIT business,” and did not appear aimed at stealing user data. They added that the swift, highly coordinated attack seemed to be aimed at doing “as much damage to our systems and software as possible, which they were largely successful at achieving.”
They added the attack “lasted only a short duration and was targetted towards destroying drive header files therefore maximizing the impact in the short time they had before our engineers shut down the Network.”
Australian web business coach James Schramko commented on the DistributeIT attack, noting an important point that “When everything rides on your websites, it is absolutely critical to have back-ups. It is unwise to rely entirely upon the back-ups made by hosting companies; you must make back-ups yourselves. A dedicated member of my team at SuperFastBusiness does that on a regular basis.”