Two days ago a group of hackers going by the name of “Tenebris Hacking” released an updated list of 248 international web pages recently hacked, adding to a previous list of 169 others released to the public earlier this year on January 8th, 2019. The attacks have been claimed by a hacker going by the name of “Poison.sh,” an infamous Brasilian hacker known for specializing in website defacement’s. For example, doing a quick Google search for Poison.sh will tell you everything you need to know about them – lulz.
The motivation behind the attacks or reasons why individual websites are targeted remains unknown, but it is presumed Poison.sh scans various websites to find known vulnerabilities via Web Application Attack– exploiting any/all effected. It does not appear as through data breaches or leaks are of any interest to this particular hacker, at least I have never found any, instead he just compromises a websites administrator panel to upload the groups logo into the sites media folder – essentially stamping the site to serve as proof that it has indeed been hacked.
Full List of Website Effected: https://ghostbin.com/paste/bsuas
Example Screen Shot:
Representando a U.N.S.A. o grupo Tenebris Hacking. (https://t.co/VpKz8kScU9)
248 siteshttps://t.co/ZAWui1hXnRhttps://t.co/T7yw2hLmDHhttps://t.co/dni6cpn6izhttps://t.co/NsYEi7pPtT@defcon @RogueSecLabs @LabDefCon
— Tenebris Hacking (@HackingTenebris) January 18, 2019