Pro-Israeli hacker Yourikan (you-r!-k@n) is claiming to have hacked and defaced as many as ninety-one Iranian websites.
In a message sent to Infosec Island editor Anthony M. Freed, Yourikan indicated the attacks were leveled against Iranian government, education and business targets in protest of Iran's continued pursuit of nuclear weapons and support for terrorist activities targeting Israel.
"91 Iranian sites were hacked and they own by me. Which several government sites eg http://ashayer.gov.ir this is the Tehran's urban development and other gov.ir, A large number of sites faculties and institutions, for example Iranian university http://sama-saveh.ac.ir/info1-28.htm one of the largest universitie in Iran Large electronics companies sites http://gaamelectric.ir/info1-28.htm gaz and oil company http://satrap.ir/info1-28.htm and this one http://www.tw.org.ir/info/mainpage.asp ...This is an attack against Iran than support terrorism and developing nuclear weapons to destroy Israel."
At the time of the writing of this article, the websites provided in Yourikan's statement above were showing signs of defacement similar to the following screenshot provided by Yourikan:
(click image to enlarge)
Infosec Island asked Yourikan to answer a few simple questions to clarify his methods and intentions for instigating the attacks:
Why did you hack the sites?
you-r!-k@n: "i hacked the irnian sites in order to tell a message to the world and to the citizens of iran... israel will not tolerate terror, israel will not acept nuclear iran."
What method did you employ to hack them?
you-r!-k@n: "exploits... sql inject... weak passwords... xss trojan... Social engineering and more and more. every site is a different war. security and offensive security is my job."
What do you hope to accomplish with the defacements?
you-r!-k@n: "message to the world and to the citizens of iran."
Do you have plans to attack more Iranian sites?
you-r!-k@n: "as well as leadrs of iran will continue to calling to destroy isarel and to devloped nuclear boom, i will contunue my personal war."
Will you continue to use defacement as a form of protest?
you-r!-k@n: "i am trying not to hurt the citizens of iran (like stealing money and more, this is not my kind of goal). i can as you know i can do much more then deface... as i taked down the whole irimo.ir domain (all the active directory). full admin on the domain and all servers (more then 1000 objects)."
Previously, Yourikan is known to have similarly hacked and defaced the websites for Iran's state radio station (radio.irib.ir), the site operated by an Iranian water utility (tw.org.ir), and a site belonging to the Iranian Meteorological Organization (irimo.ir).
The websites targeted in the attack now appear to have been taken off line. Yourikan stated via email the following:
"btw all the sites were deleted today (del *.* :-) i had a console backdoors on the server )this is the end of the attack. the dns + the webservers doesn't exist anymore... you can see it by the response of:"
"as well all of the sites... this is t he end of my attack... i guess now they will rebuild it from scratch..."