700,000 sites on Inmotion Hosting Server hacked by TiGER-M@TE in one shot !
The Hacker News

700,000 websites hosted on InMotion Hosting network hacked by TiGER-M@TE including Trinity FM, Blast Magazine. It was not just a server hack, actually whole data center got hacked. List of all hacked 700000 sites are available here. Hackers copied over the index.php in many directories (public_html, wp-admin), deleted my images directory and added index.php files where they weren't needed. 2,00,000 websites hack mirror already Submitted to Zone-H by TiGER-M@TE. We (The Hacker News) talk with hacker about the hack, He claim "I hack 700000 websites in one shot, this may be a new world Record. After submitting 200,000 domains,zone-h was going down again and again and became almost unresponsive in the end.so i was unable to submit all websites.so i've listed all domains in attachment. It was not just a server hack, actually whole data center got hacked."

In Motion acknowledged the breach as :
"Dear Customer,
At around 4am EST, our system administration team identified a website defacement attack affecting a large number of customers. We are still investigating, but it appears that files named index.php have been defaced.
If you have a backup of your site, you may upload your index.php files to correct this. You may need to do this for each directory. If your site uses an index.html or index.htm, you will need to upload those files, then delete the index.php."
Later Update by InMotion:
"Systems has been successful in restoring a portion of the affect sites. They are refining their repair method now and should be able to begin deploying the update to additional sites shortly. Please bear with us for another 1 hour when we feel we will have more information to share."


TiGER-M@TE is the same hacker who successfully deface Google Bangladesh website. We interviewed TiGER-M@TE, who claimed to be hacking since 2007, working alone, and only using private exploits and zero-day attacks.

The hack saw the homepage replaced by the words "Server HackeD by TIGER-M@TE" alongside the hash tag "#Bangladeshi HackeR" and the text "Greetz: aBu.HaLiL501; w7sh.Syria; Sy-Hacker; NmR.Hacker; Wa7sh Hacker; h311 c0d3". This was accompanied by an email address along with a banner reading "Underground Hackers 2007-2011".

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.