HQ/EMEAFind out how we can help your business
iZOOlogic security researchers have recently found a trove of web resources utilised by threat actors and hacktivist groups to carry out attacks and defacements on target websites. These discoveries shed light on the tools and methods employed by malicious actors to compromise online platforms, posing a significant challenge to web security.
Among the findings are three distinct web resources: https[:]//deface.prinsh.com/#home, https[:]//shell.prinsh.com/#home, and https[:]//tools.prinsh.com/home/?index. These URLs serve as gateways to a variety of tools, including web shells, defacer scripts, online hacking tutorials, and other resources essential for orchestrating cyber attacks.
A closer examination of https[:]//www.prinsh.com/ reveals it to be a hub for defacers, offering comprehensive content related to website defacement. The site provides a wealth of information, including step-by-step guides, PHP shells, and defacement scripts. For threat actors seeking to deface a website, the process typically involves identifying vulnerable endpoints or loopholes within the target site.
Once identified, attackers exploit these weaknesses to upload a backdoor shell, providing them with unrestricted access to the website’s backend. This backdoor shell empowers threat actors to edit, delete, or modify any files on the compromised site. The main pages, such as index.html or index.php, become susceptible to manipulation as attackers insert custom defacement HTML code, altering the visual presentation of the website.
Aside from malicious web resources, compromised websites were also found.
Moreover, iZOOlogic researchers have identified several websites that have fallen victim to cyber-attacks from threat actors who utilised the aforementioned web resources. Among them, ezfilingsolutions[.]com was hacked by the notorious Team Arxu threat group, while rajpachar[.]com succumbed to the actions of the ANON SEC BD group. In addition, bhabua[.]ges.edu.in found itself compromised by the FidzXploit group.
These recent discoveries by the iZOOlogic researchers are a crucial alert to the continuous battle against malicious actors. Increased awareness, coupled with proactive cybersecurity measures, remains vital in safeguarding the integrity of online platforms against the threat of cyber attacks.
