26 Feb 2014

EC-Council Web Site DNS Hijacked and Defaced

The web site of IT training company EC-Council has been DNS hijacked and defaced by a hacker known as Eugene Belford, according to Softpedia News.

The hacker who hijacked EC-Council’s web site claims to have gained access its systems, including to thousands of passports of military and law enforcement officials. He also leaked a copy of Snowden’s passport and allegedly hijacked the web site because the administrator reused the password.

EC-Council said its servers have not been hacked.

“EC-Council’s Security Team has confirmed no access to any EC-Council Servers was obtained, the domain redirection was done at the DNS Registrar and traffic was re-routed from Authentic EC-Council Servers to a Host in Finland known for hosting other illegal websites,” said EC-Council on Facebook.

“The affected records reside with a Third-Party, ICANN certified DNS Registrar and though EC-Council has terminated service there and moved, DNS propagation will take some time.”

FBI and international law enforcement have been notified of the incident, as well as the third-party. EC-Council is an organization that has trained and certified individuals from the FBI and other organizations.