Certified Ethical Hacker EC-Council website defaced
Website of Certified Ethical Hacker certification EC-Council, eccouncil.org has been defaced with the scanned copy of Edward Snowden’s password being displayed prominently and a letter to the organisation from the whistleblower requesting an exam code in the backdrop.
The defaced site also contains a letter from John Niescier, the Information Security Officer at the DSRJ, certifying that Snowden had at least five years of InfoSec experience.
“Defaced again? Yep, good job reusing your passwords morons jack67834#” reads the opening statement on the defaced site. “owned by certified unethical software security professional – Eugene Belford.”
EC-Council owns Certified Ethical Hacker and quite a few other certifications and according to last known stats, has certified 60,000 security professionals with over a fifth of them certified for C|EH.
The original IP address of eccouncil.org was 188.8.131.52, but when we first checked the site was being resolved as being hosted on 184.108.40.206 indicating a possible DNS hijack. At press time the site, which is still defaced, is resolving to the original IP address of 220.127.116.11.
We have tried getting in touch with EC-Council and will update the story once we hear something back.