The actually visible area of the website is defaced by crackers by integrating foreign text or graphics. Malicious programs are usually not spread because this should be done secretly and unnoticed for as long as possible.
To defeat, security gaps in web applications and web servers are exploited, or passwords are used through methods such as brute force , cross-site scripting , SQL injection or social engineering to penetrate web space or the system. The pages changed in the past can be called up in various internet archives.
One of the most famous cases dating from the second half of the 1990s, when the home page of the Central Intelligence Agency was hacked (CIA): Three days was long there as Title Central Idiots Agency (dt. Central Authority idiots ) to read.
There are different motivations to break into a server. The disfigurement is mostly used to gain reputation in the network community or to give the site operator a lesson in the context of hacktivism . In addition to public defacements that should be visible to everyone, hackers often leave hidden code fragments behind to prove that they have already broken into the site (or the server). The techniques used are also used legally ( hackits ) to compete with other hackers .
- CYBER WARFARE: Project Gray Goose Phase II Report On INDIA - The Eastern Railway Web Site Defacement (Intelli-Briefs, March 28, 2009 - about the attack by a Pakistani hacker group on the website of an Indian railway company; see Cyberwar )
- Hacker attack: major attack planned in the network , Manager-Magazin , July 4, 2003