Pro-Russian hacktivists are still trying to keep up the pressure. After French communities and small businesses targeted in May, Anonymous Russia and UserSec have just claimed Monday on Telegram messaging the removal of 55 sites in “fr”, targeted because of French support for Ukraine, invaded for more than one year by Russia.
Spotted in particular by Sesame it, a French publisher of cybersecurity solutions, the malicious campaign has visibly affected sites of small businesses or artisans, all targets that have nothing to do with the ongoing conflict. With various successes: if many sites displayed Tuesday the mention “Hacked by INDIAN CYBER FORCE”, one of the collectives of UserSec, others were always accessible. Finally, one of the companies supposedly affected assured ZDNET.fr that its web portal had been inaccessible for several years anyway.
WordPress flaw
According to Sesame it, the majority of the websites attacked are hosted on a server located in the Netherlands, an IP address attached to the web hosting company Hostinger. “For the time being, no evidence of compromise of the 195 other sites hosted on this server has been detected”, also specifies the company.
The cybersecurity publisher believes that hackers likely exploited a flaw in a plugin, WooCommerce Payments, of the WordPress content management system, to succeed in their defacing attacks. As noted by Wordfence, this vulnerability, which allows an attacker to gain administrative rights, has been the subject of a very large-scale campaign since mid-July targeting approximately 157,000 sites.
Nuisances with no long-term impact
With this latest stunt, pro-Russian hacktivists are trying to broaden the range of their actions beyond just denial of service, attacks that have followed one another since this spring. A nuisance certainly painful but “without real impact in the long term”, as Vincent Strubel, the director general of Anssi, had recalled.
But no matter: this cybervandalism is above all intended to make noise. However, it remains on a very modest scale. In 2015, attacks by defacement supported by Islamist hacktivists had affected, then explained the armies, around 19,000 sites, a massive campaign “never seen before”.