The websites of Mizzima News, an independent Burmese news agency based in New Delhi, India, has been hacked with a Cross-site scripting causing the webites to be inaccessible since early Wednesday morning.
According to Mizzima's webmaster the attackers used the vulnerability in poor-code websites, and took total control of the site. While files from the English and Burmese website were deleted from the database, and had to be recovered from the back-up, the mizzima.tv and mizzimaphoto.com were temporarily down.
But within hours, the problems with the mizzima.com, mizzima.tv and mizimaphoto.com were rectified. However, the Burmese site – mizzimaburmese.com remains inaccessible.
Though it is not known, who is behind the attack, the hacker's internet protocol (IP) is found to have originated from a server in the United States.
Mizzima, however, is still unable to confirm whether the attack is the work of the Burmese military junta, which has banned Mizzima's websites inside the country. Web users bypassing the government's internet filtering systems with the help of proxy and browsing can access Mizzima's sites. But if caught, they would have to pay a heavy penalty.
"It is hard to tell who is behind the attack but someone who has special interest could be the culprit or culprits," said Sein Win, Managing Editor of the Mizzima News.
"However, these people should know that this is a criminal offence" he added.
This is not the first time, however, that the websites of Mizzima as well as other Burmese media groups in exile, including the Chiang Mai based Irrawaddy, Oslo based Democratic Voice of Burma and Bangkok based New Era Journal, have been attacked.
In July, the Burmese website of Mizzima News and the DVB came under a Distributed Denial of Services (DDoS), causing the sites to become inaccessible for several days.
Similarly, on September 24, a day before the first anniversary of last year's monk-led protests in Burma, three Burmese News agencies The Irrawaddy, DVB and New Era Journal in exile came under a DDoS attack.
Mizzima News Agency, run by Burmese journalists, is an independent Burmese multi-media group focusing on Burma and related news and issues, and has four different websites – Mizzima.com, Mizzimaburmese.com, Mizzima.tv, mizzimaphoto.com.
Besides updated daily news both in English and Burmese, Mizzima also Podcasts video stories on its mizzima.tv site, which are frequently picked up by other news organizations.
Both Mizzima's Burmese and English site normally attract an average of 10,000 to 15,000 unique visitors per day but the readership suddenly jumped to hundreds of thousands during the September protests in Burma last year and in the month of May and June 2008, following the killer Cyclone Nargis' lashing the country.
| မဇၩိမဝဘ္ဆိုဒ္မ်ား တိုက္ခိုက္ခံရ | | |
| |
| |
| မဇၩိမသတင္းဌာန၏ ဝဘ္ဆိုဒ္မ်ားသည္ ဟက္ကာ (hackers) မ်ား၏ Cross-site scripting နည္းျဖင့္ တိုက္ခိုက္ခံရသည့္အတြက္ ယေန႔ ဗုဒၶဟူးေန႔ နံနက္ပိုင္းတြင္ ဝင္ေရာက္ ၾကည့္ရႈမရဘဲ ျဖစ္ေနခဲ့သည္။ မဇၩိမသတင္းဌာနမွ ဝဘ္မာစတာ၏ အဆိုအရ တိုက္ခိုက္သူမ်ားသည္ poor-code websites မ်ား၏ အားနည္းခ်က္ကို အခြင့္ေကာင္းယူ တိုက္ခိုက္ခဲ့ျခင္း ျဖစ္ၿပီး ထိုဟက္ကာမ်ားက ဤဝဘ္ဆိုဒ္မ်ားကို ထိန္းခ်ဳပ္ထားလိုက္ျခင္း ျဖစ္သည္ဟု ဆိုပါသည္။ ဝဘ္ဆိုဒ္၏ ျမန္မာဘာသာႏွင့္ အဂၤလိပ္ဘာသာ ေဒတာေဘ့စ္အတြင္း ထည့္သြင္းထားသည့္ ဖိုင္မ်ားအားလံုး ဖ်က္ဆီးခံလိုက္ရၿပီး ဘက္ကပ္တြင္ သိုေလွာင္ထားေသာ ေဒတာမ်ားျဖင့္ အစားထိုး ျပန္လည္ ထည့္သြင္းခဲ့ရသည္ဟု ဆိုပါသည္။ မဇၩိမတီဗြီႏွင့္ ဓါတ္ပံုဝဘ္ဆိုဒ္မ်ားမွာ ယာယီသံုးမရဘဲ ျဖစ္သြားခဲ့သည္။ ဤသို႔ တိုက္ခိုက္သူမွာ မည္သူမည္ဝါ ျဖစ္သည္ကို မသိရေသးေသာ္လည္း ဟက္ကာ၏ အင္တာနက္ ပရိုတိုဂုိးလ္ လိပ္စာ IP မွာမူ အေမရိကန္ ျပည္ေထာင္စုတြင္ ရွိေသာ ဆာဗာတခုမွ လာသည္ကို ေတြ႔ရွိခဲ့ရသည္။ ဤသို႔ တိုက္ခိုက္သူသည္ ျမန္မာစစ္အစိုးရ ဟုတ္မဟုတ္ကိုမူ မဇၩိမအေနႏွင့္ အတည္ျပဳ၍ မရေသးပါ။ မဇၩိမဝဘ္ဆိုဒ္ကို ျပည္တြင္း၌ ၾကည့္ရႈျခင္းအား စစ္အစိုးရက ပိတ္ပင္ထားသည္။ ဝဘ္အသံုးျပဳသူမ်ားသည္ အစိုးရ၏ အင္တာနက္ ပိတ္ဆို႔ တားဆီးထားသည့္ စနစ္မ်ားအား ပေရာက္ဇီမ်ား အကူအညီျဖင့္ မဇၩိမဝဘ္ဆုိဒ္သို႔ ဝင္ေရာက္ၾကည့္ရႈရသည္။ "ဒီလိုတိုက္ခိုက္မႈရဲ့ ေနာက္ကြယ္မွာ ဘယ္သူေတြ ရွိတယ္ဆိုတာ ေျပာဘို႔ ခက္ပါတယ္။ ဒါေပမဲ့ ဒီလိုလုပ္လို႔ အထူးအက်ဳိးစီးပြါး ရွိမဲ့သူေတြသာ ဒီလုပ္ရပ္ရဲ့ လက္သည္တရားခံ သို႔မဟုတ္ တရားခံေတြျဖစ္မွာပါ" ဟု မဇၩိမသတင္းဌာန၏ မန္ေနဂ်င္း အယ္ဒီတာ ဦးစိန္ဝင္းက ေျပာၾကားသြားခဲ့ပါသည္။ "ဒါေပမဲ့ ဒီလူေတြ သိဘုိ႔ လိုတာက ဒီလုပ္ရပ္ဟာ ရာဇဝတ္မႈေျမာက္တဲ့ လုပ္ရပ္ျဖစ္တယ္ ဆိုတာပါပဲ" ဟုလည္း သူက ဆက္လက္ ေျပာၾကားသြားခဲ့ပါသည္။ မဇၩိမႏွင့္ ျပည္ပအေျခစိုက္ ျမန္မာမီဒီယာဌာနမ်ား ဤသို႔ တိုက္ခိုက္ခံရသည္မွာ ပထမအၾကိမ္ မဟုတ္ပါ။ ခ်င္းမိုင္ အေျခစိုက္ ဧရာဝတီ၊ ေအာ္စလို အေျခစိုက္ ဒီမိုကရက္တစ္ ျမန္မာ့အသံ (DVB) ၊ ႏွင့္ ဘန္ေကာက္အေျခစိုက္ ေခတ္ၿပိဳင္ ဂ်ာနယ္တို႔လည္း ဤသို႔ တိုက္ခိုက္ခံခဲ့ ရဖူးသည္။ ဂ်ဴလိုင္လ အတြင္းကလည္း မဇၩိမသတင္းဌာနႏွင့္ DVB တို႔သည္ Distributed Denial of Services (DDoS) နည္းျဖင့္ တိုက္ခိုက္ခံရသည့္အတြက္ ရက္ေပါင္းမ်ားစြာ ဝင္မရဘဲ ျဖစ္ခဲ့ရသည္။ |
No comments:
Post a Comment