No One is Ever Secure: How Hackers Got Hacked

Mar 28, 2014

Aleksandra Olszewska & Aleksandra Kwiatkowska

You have probably heard about EC-Council and the latest attack. What happened? Who did it? Are ethical hackers in danger because of unethical methods? Only in Hakin9 Magazine: all the information and leads in this special review.

Introduction: EC-Council
The International Council of Electronic Commerce Consultants (EC-Council) is a U.S. professional organisation. It operates the EC-Council University, offering Master's Degrees in Security Science (MSS) and Business Administration in e-business (MEB). EC-Council also organizes conferences: Hacker Halted, Takedown, and CISO Forum.
But the EC-Council is best known for its professional training and certifications in information security, such as Certified Ethical Hacking, which is the main subject of this issue of Hakin9 Magazine.

What happened?
Anyone who tried to visit the EC-Council webpage between the 22nd and 24th of February must have been a bit astonished:


The main page of the official EC-Council website had been hijacked and redirected visitors to a defacement page hosted at an ISP in Finland (h/t Ars Technica).
As shown in the screenshot above, the hacker posted the message: "Owned by certified unethical software security professional". He, or she, also posted a scan of Edward Snowden's U.S. passport and his correspondence with EC-Council, as proof that the hacker had access to EC-Council data.
But this was only the beginning of the website compromise. The hacker's next message:
