2 Jun 2016

Top 10 Most Active Hacking Groups That Love To Deface Websites

Here's the Top 10 Website Defacers as of January 2016:

  1. GHoST61: 51
  2. Kadimoun: 39
  3. AnonCoders: 35
  4. r00t-x: 31
  5. Shor7cut: 28
  6. Owner Dzz: 27
  7. Toxic Phantom FROM BANGLADESH BLACK HAT HACKERS: 27
  8. TechnicaL: 21
  9. virus3033: 21
  10. Yuba: 17
GHoST61 also topped the ranking last year and remains at the top at the moment. Other familiar names are: r00t-x (moved down 1 rank), TechnicaL(moved down 2 ranks) and virus3033 (moved down 2 ranks). This means that 4 of out of the previous top 10 are still around, while the other 6 weren't listed before.
In terms of organizations containing defaced websites, the Ecommerce Corporation remains the most affected by far. At this point it seems a given that Ecommerce will have the worst ranking so lets look at the other organisations on the list. The full ranking is:
  1. Ecommerce Corporation
  2. Unified Layer (+1)
  3. GoDaddy (-1)
  4. CyrusOne
  5. iServer Hosting
  6. SoftLayer Technologies
  7. Media Temple (-1)
  8. Peer1 Dedicated Hosting (-4)
  9. New Dream Network
  10. Digital Ocean
The top 3 have remained the same, though GoDaddy and Unified Layer switched spots. New entries on the list are: CyrusOne, iServer Hosting, SoftLayer, New Dream Network and Digital Ocean. At this point it's clear that there are a few hosting providers with on-going problems and it doesn't look like they've made any impactful changes to reduce the number of compromised websites.
In terms of products, the vast majority of affected websites were running Apache: