In that case, the headline and summary are very misleading. The summary says "edu, .gov, websites from US" but you say the sampling includes Turkish/Azerbaijani academic websites. I don't think I'm the only person who would read ".edu" and assumes that it _unambiguously_ means US academic sites. If you can provide a full list of your sample, that would be useful to put some detail into this statistic.
most of them are american educational websites, but there are also some from Portugal, Turkey, Azerbaijan, China etc. which are very authoritative high pr websites. I'm going to write a blog post with a full list of websites.
Interesting. It'd be great if you could write this up as a blog post, explaining your motivation and methodology while giving examples of what's happening.
Do you have any hypotheses about a common vector for the hack? In addition to run-of-the-mill vectors, there's also the possibility that educational middleware (online class management a la Sungard, Blackboard, PeopleSoft) is vulnerable -- this is pure speculation, of course, but as someone who worked with dozens of those portals it piques my curiosity.
I couldn't figure out yet. I'm chatting one of those hackers right now per email. He says he can sell me all the list of passwords of .gov .edu website from which country I want, and he can teach me how to hack the rest of them. Mind-blowing.
I just contacted him through the Contact page of his website. He replied. I am not sure if he's a real hacker but he's the owner of bolumizleyin.com which has plenty of backlinks from several .edu websites.
@diamondhead It seems I can't reply to messages past a certain depth so I'll respond to your latest comment in the previous one. I am from Germany. I wrote you on twitter.
zeynalov, please report him to a police department or a related department in Turkey. if you don't know how to do it, I can help you on this as a Turkish citizen.
