Multiple U.S. Army internet subdomains were defaced with messages denouncing President Donald Trump and promoting pro-Kurdish sentiments in an apparent 404 hijacking campaign, as reported by CyberScoop.The defacement targeted error pages on U.S. Army websites, including oil.army.mil and ai2c.army.mil, which belong to the Army’s Open Innovation Lab and Artificial Intelligence Integration Center, respectively. The messages displayed on the error pages denounced Trump and U.S. Ambassador to Türkiye Tom Barrack, and called for the freedom of Kurdistan. This attack method, known as 404 hijacking, exploits a website's error-handling system, often through compromised plugins or server configurations, to display unauthorized content when a page is not found. Cybersecurity researcher Ronald Lovelace discovered the defacements, noting the affected sites ran on WordPress and Microsoft cloud infrastructure.The Army took the affected pages offline after being contacted for comment, stating they were hosted on a legacy third-party platform. An Army spokesperson confirmed that incident response is ongoing. While the defacement across multiple subdomains suggests a potential for broad reach, it did not appear to affect all Army websites. The perpetrators are not definitively identified, but the pro-Kurdish messages align with tactics used by Kurdish hacktivists. This incident is reminiscent of a 2015 attack where hackers from the Syrian Electronic Army defaced Army websites.Source: CyberScoop
Government security
U.S. Army websites defaced in apparent 404 hijacking campaign

(Sashkin via Adobe Stock Images)
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



