Website Defacement (Link: Description of Website Defacement) , which refers to a cyber attack where a hacker penetrates a website and changes its visual appearance, is an act of intentionally leaving evidence that the website has been attacked. This attack would feel like nothing if the screen is the only one that is changed. In reality, however, this implies that the hacker gains complete access to the website.
Screen of a Defaced Website
The problem with website defacement is that it is ubiquitous. There are cases every day globally and each of them is severely damaged that there even are specialized government departments that find and take action on the hacked websites. The primiary way to detect such defaced websites is to find the strings commonly used by hackers, who tend to insert strings like “hacked by XXXX” within a website or a page title to show off they completely took over the website.
Strings inserted within a page title that exhibits website defacement
How to Detect Defaced Websites on Criminal IP
[Criminal IP Youtube – How to Search for Defaced Website With Title Filter]
Using the title filter, such as title:hacked or title:”hacked by”, of Criminal IP’s Asset Search, you can find numerous webistes that have been defaced. Through these search terms, you can regularly check whether your personal or corporate/institution websites have been influenced by the website defacement.
Result when Searched title:”hacked by” on Criminal IP
How to Detect Phishing Websites on Criminal IP
In addition tno defaced websites, Criminal IP’s title filter comes in handy when finding phishing websites. If there is a bank called HELLO WORLD BANK and its title of internet banking is the same, it is likely that the phishing site also decorated itself with the same title or similar strings. Therefore in this case, searching with the title filter like title:HELLO WORLD BANK or title:BANK will help you detect phishing sites within your website.
Source : Criminal IP