Security breach at Saipan.com

At 7:30pm last night, the Saipan Tribune discovered what appeared to be a breach in the security of the Saipan.com homepage when the familiar picture page with logos and descriptions of Saipan were replaced with a note that appeared to be written in Portuguese.

The Saipan Tribune consulted Saipan resident Herb Soll for his knowledge of the Portuguese language, and he offered an approximate translation of the image, as follows:

Dear Santa Claus:

I’ve been well behaved, and I haven’t interfered with any server and I was good to all of my friends. I would like if possible for you to send me many administrators with open servers that use incompetent scripts on the net.

With an embrace,

From: Overkill

Soll said that, while he is not familiar with all the jargon hackers use for the Internet, he gets the gist of the letter.

“As far as I can see, it’s from a hacker asking for a bunch of server administrators who are foolish and who use scripts for the net. The direct translation I can’t really make clear, but that they are all incompetent,” he said.

Administrator for Saipan.com Dan Camacho was unavailable for comment, but John Blas from the Guam-based Tech Support for the site said that, while he hasn’t received any calls about the site’s difficulties prior to that of the Saipan Tribune, he believes it’s possible that the security of the site has been compromised.

“This is the first I’ve found out. The first time I checked that website was this morning. …Tagaman was up and running, but it looks like the Saipan.com domain…has been breached, the security has been breached. I’m not too sure what’s been going on there,” he said.

As of 8pm last night, Blas said that he and one of his coworkers were trying to contact both Camacho and the Guam administrator, but that their attempts were unsuccessful. While he was unable to officially say that site was under attack, Blas said that he was just as surprised to see the state of the Saipan.com homepage and eager to find the solution.

“To me that’s what it looks like. I don’t know if Dan put that up there on purpose or not, but I can’t say yes or no. I don’t know what’s going on. I wish I did. I’m trying to find out what’s going on,” he said.

Blas said that while the specifics weren’t revealed to him, he had heard mention of the Saipan site when he started his shift.

“I knew of issues earlier this morning when they said that there was a problem with some of our servers on Saipan, but I don’t know if they meant that this was part of it…so right when I got in they said that there were some issues with Saipan, but I didn’t know that this was one of them. I’m not too sure of when this started coming up,” he said.

At press time it was still unknown whether Saipan.com’s e-mail accounts were affected by the attack, but Blas said that the chances are unlikely due to the added security measures for the TagaMail system.

“I don’t believe it should because that’s just the home page. It’s not the TagaMail server, which should be a lot more secure than just the web server,” said Blas.

According to messages the hacker posts on the affected websites, BIOS stands for Brazilians Intruders Of System. They identify themselves individually as evolui and Overkill_.

Besides the note, the Saipan.com webpage also displays the phrase “BIOS TEAM OWNZ U. More perfect impossible.”

Among other sites that BIOS Team had previously hacked into are www.wirelessforums.org, www.artmetal.com, www.virtualove.com, and sprucelake.org. These sites were found using Google and the search word “Overkill_” and all affected sites displayed essentially the same message.