At First, it looked to be a simple attack. But It turned to be a massif defacing hacking session for the hackers of “Typical Idiot Security” team.
After the recent world wide ransomware attacks, Petya and WannaCry, governments seem to not have learn the lesson. “AnoaGhost” of the “Typical Idiot Security” take the opportunity to exploit old vulnerabilities like “Joomla Vuln Injections” and “SQL Injection” to defaced official governmental websites. Most of the hacked websites are Indonesian or French. They published a complete list on their official facebook page counting around 100 websites which have been hacked in one day.
The 07/05/2014 at 20h11 Paris TZ, He managed to hack the official website of the Police Department of the University of Georgia – https://www.police.uga.edu/. The archive of this attack is available here. The 07/05/2017 at 23h55 Paris TZ, the defacement was still active.
We can see on the left side the official and original content of the police department website. On the right side, it’s the new content, based on their defacing template. They used to change the original content by this one on each defacement they do.
This team seems to be affiliate to any cyberterrorist group and doesn’t display a political message for now. They are only harming websites and fortunately don’t show shocking contents. Most of the victims has already fixed the hack. There is no public answer of the cyber authorities at this subject at this time.