Website defacement is a cyberattack in which a hacker gains unauthorized access to a website and alters its visual appearance, often leaving behind evidence indicating that the website has been attacked. This attack would feel like nothing if the screen is the only one that is changed. In reality, however, this implies that the hacker gains complete access to the website.

Screen of a Defaced Website
Screen of a Defaced Website

The problem with website defacement is its prevalence. Instances occur worldwide every day, causing significant damage. This has led to establishment of specialized government departments that detect and take action on hacked websites. The primary method of identifying defaced websites is to search for strings commonly used by hackers. They often insert phrases such as “hacked by XXXX” within a website or page title to show off their full control of the site.

Strings inserted within a page title that exhibits website defacement
Strings inserted within a page title that exhibits website defacement

How to Detect Defaced Websites on Criminal IP

[Criminal IP Search 101 – How to Search for Defaced Websites With Title Filter]

By utilizing the title filter, such as title:hacked or title:”hacked by”, on Criminal IP Asset Search, you can discover numerous websites that have been defaced. Regularly employing these search terms can allow you to check if your personal or corporate/institutional websites have been impacted by website defacement.


title:”hacked by”

Result when Searched title:”hacked by” on Criminal IP
Search results of title:”hacked by” on Criminal IP Asset Search

How to Detect Phishing Websites on Criminal IP

In addition to detecting defaced websites, Criminal IP’s title filter is useful in identifying phishing websites. For example, if a bank called HELLO WORLD BANK has an internet banking page with a specific title, a phishing site may have replicated the same title or used similar strings. In this case, searching with the title filter like title:HELLO WORLD BANK or title:BANK can help you identify any phishing sites within your website.

Source : Criminal IP