Nouse website infiltrated by Kurdish anti-ISIS hackers

Image: Dan Powell

A hacker by the name of “MuhmadEmad” has accessed a number of websites across the world, including Nouse, to leave messages in support of the Kurdish Peshmarga forces.

The hacktivist, believed to be working as part of a “Kurdlinux” team, edited an online review of DramaSoc’s production of Nick Payne’s Constellations to feature a picture of the Kurdish flag, along with the following text:

“HaCkeD By MuhmadEmad / Long Live to peshmarga / KurDish HaCk3rs WaS Here / kurdlinux007@gmail.com / FUCK ISIS !”

The Peshmarga are the armed forces of the Kurdistan Region, and reportedly assisted in the mission to capture Saddam Hussein. They have been waging war against ISIS in Iraq and Syria.

Other hacked websites include the Duke of Edinburgh’s Award webpage, the blog of US conservative commentator Glenn Beck, and the Irish National Treasury Management Agency.

Business technology website ZDnet, a victim of the hacks, claimed the attacks were made possible by a security weakness in WordPress’s publishing software.

Japan’s state-run Information-technology Protection Agency (IPA) has, since the hackings, urged website administrators who use WordPress as their platform to update their software to the latest version “immediately”. Websites ran by two of the nation’s hospitals fell victim to the Kurdish group’s hacks.

The agency warned that software versions 4.7.0 and 4.7.1 contain the vulnerability.

Speaking to The Irish Times, IT security consultant Brian Honan commented that hacks of this nature “arise in websites that are not patched regularly enough”.

“Software providers like WordPress regularly send out patches or updates to deal with vulnerabilities,” he added. “Sometimes, websites are targeted before they have had time to apply the patch.”

The Nouse website had recently been updated with a redesign two weeks before the hack, and so did not coincide with the necessary software update.

According to ARA News, the same hacker had previously targeted governmental websites in August 2015. This was allegedly in response to Turkey’s bombing of Kurds.

Leave a comment