Report: Turkish hackers breached U.S. Army servers
Investigators believe hackers used an SQL injection attack to break into U.S. Army servers and redirect visitors to other sites, according to InformationWeek.
Hackers based in Turkey penetrated two U.S. Army Web servers and redirected traffic from those Web sites to other pages, including one with anti-American and anti-Israeli messages, according to a report in InformationWeek.
The hackers, who go by the group name "m0sted," breached a server at the Army's McAlester Ammunition Plant in Oklahoma on January 26 and a server at the U.S. Army Corps of Engineers' Transatlantic Center in Winchester, Va., on September 19, 2007, the report said.
Investigators believe an SQL injection attack was used to exploit a vulnerability in Microsoft's SQL Server database in order to gain access to the servers.
It is unclear whether any sensitive information was accessed, according to the report.
Search warrants have been served on Microsoft, Yahoo, Google, and other ISPs and e-mail providers, while a criminal investigation is underway at the Defense Department, the U.S. Army's Judge Advocate General's Office, and the Computer Emergency Response Team, InformationWeek reported.
The same groupin 2007, also using a SQL injection attack.