State governments, beware: .gov websites are being targeted by a seemingly new hacker group.
Last Monday the central internet portal controlling all of Maine’s government websites went down for about three hours, due to a series of distributed denial of service (DDoS) attacks. On Tuesday Maine.gov went down again, this time only for two hours.
A hacking group called Vikingdom2015 took credit for the attack on Twitter. Using the hashtag “#OpAmericanGov” the Twitter account claimed that both Maine.gov and VisitNH.gov were offline.
When asked why it targeted Maine’s website, Vikingdom2015 replied, “cause they are dumb,” reports the Portland Press Hearld.
All we know about Vikingdom2015 is from its Twitter presence. This group, or perhaps just a lone individual, writes tweets about hacked websites and has it out for US government websites. According to the Twitter bio, Vikingdom2015 hails from Russia and proclaims itself to be “Hackers Government.” On Wednesday, however, the account did tweet “LOL WE AREN’T FROM RUSSIA.”
The group has a formal list of potential victims. Two days ago Vikingdom2015 released a document on Pastebin enumerating its “Target List.” On it are 44 .gov websites — each domains for specific states — including mass.gov, nyc.gov, and texas.gov.
Vikingdom2015 also links to a SoundCloud page, which contains one ominous track about its plans. With techno-keyboard tracks in the background and computerised voice says, “Hello. We are Vikingdom2015, a hacking crew, and we uploaded this track so we can warn American citizens. We will knock all American governments’ websites offline. We do not care if we get caught. We all like doing this. So you better be prepared for the battle.”
The group has been actively tweeting for the last two weeks. It took credit for numerous site outages, including OKC.gov, which went down two days in a row beginning March 18.
But, many of its hacking claims remain unverified. One of the group’s notable claims was that it took down the video game streaming site Twitch on March 18. On Monday, Twitch notified its users that its servers had been compromised and instructed people to change their passwords. It’s highly unlikely, however, that Vikingdom2015 had anything to do with the Twitch breach.
Beyond that, Vikingdom2015 hasn’t revealed any more details about itself, or which sites will be targeted next. The account will probably continue childishly taunting Twitter users and claiming credit for DDoS attacks. In the last hour it got into a Twitter spat with the Bangor, Maine Fox affiliate WFVX. As of this posting, WFVX’s website has been offline.