At first it looked like the latest strike in an intensifying cyberwar between Russia and the United States.
A Russian government website was widely reported to be hacked and defaced on Friday. CNN credited an “American vigilante hacker” known as The Jester with “gaining access to the Russian government ministry’s website” and leaving a message for Moscow to stop cyberattacks on American targets. Fox News reported that “anyone who visited the Russian site” saw the Jester’s message.
In fact, there was no hack or breach of Russia’s ministry website. The Jester never gained access to any Russian website. The supposed defacement never really took place and the media’s excited reporting on the incident has been thoroughly debunked. Russian officials denied such a hack took place and even The Jester’s own blog has since explained that “the target site was in no way damaged or breached.”
The news came on the heels of a massive denial-of-service attack against American targets on Friday. The multiple waves of attack brought down websites including Box, GitHub, PayPal and Twitter. The weapon was a massive botnet of Internet-connected devices like webcams that are now part of a major product recall following the attack.
Here’s how it worked: Jester published a link from Twitter. The link went to a newly created site containing what he describes as XSS code with his message to Russia, then redirected the user to the Russian website, and appeared to fill it out with The Jester’s warning message to Russia. The only people who saw the message had to click The Jester’s link. The only deception took place on those people’s machines.
The message was not actually on the Russian website itself, there was no breach or defacement of the Russian government website despite earlier claims, and no Russian government website was ever under the control of any hacker. The incident was portrayed in mainstream media as something else entirely.