A Margent attack is a popular mode of inbreak where even an ordinary hacker can take advantage of it to attack Web sites. This week, Websense Security Labs discovered that several Turkish government Web sites were compromised by this kind of attack.
In a Margent attack, the attacker gets control permission of a vulnerable Web site, in this case a site that is hosted on the IP address 18.104.22.168. Once the attacker gains control of the site, they can access the server's file system. The attacker then modified the homepage of the Turkish government's Web site that is also hosted on the same server.
Screenshot of some compromised domains:
Defaced screenshot of a compromised Turkish government domain:
Websense Email Security and Websense Web Security protect against this kind of blended threat with ACE, our Advanced Classification Engine.