About ALF > Worldwide Actions > Actions in Cyberspace
Fur Website Hacked, Decorated with ALF Message
There has been no claim of responsibility, but the website hack was confirmed in a "security alert" sent by the Fur Commission USA to its members yesterday. Animal Liberation Frontline has obtained the bulletin, not intended to be read by the general public, which gives the following insights into the hack:
*The FCUSA claims the website was hacked from 3am to before 10am. This is a deliberate lie by the FCUSA. As this time-stamped screenshot shows, the site was hacked at least as early as 11pm CST / 9pm PST, a full six hours earlier than the email claims. Presumably, the time the site was hacked was cut in half (or more) to mitigate embarrassment it is suffering over the incident.
*Quote: "NO SENSITIVE INDUSTRY OR PERSONAL DATA has ever been stored on the website, and member section materials were never accessed by the intruders".
*Quote: "What is evident is, that our opponents monitor our sites constantly and when a vulnerability is discovered, attack immediately."
*Quote: "The perpetrators, when discovered, can and will be prosecuted under the AETA (Animal Enterprise Terrorism Act)."
The bulletin reads, in full:
As you may know by now, the Fur Commission USA website (www.furcommission.com) was hacked the morning of August 10 by the 'ALF' . It was down for approximately 6 hours (Accessed sometime after 3:00 AM PST and restored before 10:00 AM). I've been told by our programmers that the hackers used a 3rd party script (facebook, twitter, paypal for example) to detour people to an alternate site, unlike a Distributed Denial of Service (DDoS) where malware is loaded into the code to crash the site. The vulnerability has been patched and updated firewalls have been installed. This process took our programmers less than 10 minutes. At no time did the intruders have access to edit or delete furcommission.com content. NO SENSITIVE INDUSTRY OR PERSONAL DATA has ever been stored on the website, and member section materials were never accessed by the intruders. The programmers are now tracing the source of the attack and are forwarding information to the FBI in Washington DC. What is evident is, that our opponents monitor our sites constantly and when a vulnerability is discovered, attack immediately. This is called a 0-day attack. The perpetrators, when discovered, can and will be prosecuted under the AETA. (Often, challenges become opportunities.....)