Hackers based in Turkey penetrated two U.S. Army Web servers and
redirected traffic from those Web sites to other pages, including one
with anti-American and anti-Israeli messages, according to a report in InformationWeek.
The hackers, who go by the group name "m0sted," breached a server at
the Army's McAlester Ammunition Plant in Oklahoma on January 26 and a
server at the U.S. Army Corps of Engineers' Transatlantic Center in
Winchester, Va., on September 19, 2007, the report said.
Investigators believe an SQL injection attack was used to exploit a
vulnerability in Microsoft's SQL Server database in order to gain
access to the servers.
It is unclear whether any sensitive information was accessed, according to the report.
Search warrants have been served on Microsoft, Yahoo, Google, and other
ISPs and e-mail providers, while a criminal investigation is underway
at the Defense Department, the U.S. Army's Judge Advocate General's
Office, and the Computer Emergency Response Team, InformationWeek