Website Defacement: Age-Old but Still Works | WhoisXML API

Threat Reports

Website Defacement: Age-Old but Still Works as Ongoing Campaigns Show

Threat actors typically employ website defacement to further their political, environmental, or even personal agenda. Through SQL injection, cross-site scripting (XSS), and other initial compromise tactics, they replace the content of target sites to display their specially crafted messages.

If you want your organization to stay safe, our detailed threat research materials based on threat researcher Dancho Danchev’s initial findings and our team’s more in-depth investigation results may be able to help.

Our deep dive into the threat revealed:

  • Close to 90% of the email address indicators of compromise (IoCs) used free services.
  • The email address IoCs were distributed across service providers.
  • The email address IoCs led to the discovery of 20,000+ possibly connected domains, some of which are already being detected as malware hosts or phishing sites by various malware engines.

Download a sample of the threat research materials now or contact us for accessing the complete research materials.

Try our WhoisXML API for free
Get started