Police: Peščanik site hosted on insecure server
The website of Peščanik is hosted on an insecure server located in Germany that was attacked using WordPress pingback, Tanjug reported.Source: Tanjug
It was determined through analysis that the attack came from 533 servers located in dozens of countries around the world, the news agency said, quoting Serbian police cybercrime department head Saša Živanović.
The case was mentioned last week as part of a controversy that errupted over allegations of censorship in Serbia - as the website was brought down shortly after publishing accusations that Interior Minister Nebojša Stefanović had plagiarized his doctoral thesis at the Megatrend University.
Živanović told Tanjug that a request has been filed through international police channels to get certain electronic data from a number of countries in order to continue the investigation and identify the person potential culprit, who could then face charges of preventing access to a public computer network.
Immediately after it became known that pescanik.net had been brought down, which happened on June 1, the police contacted Peščanik's editor and the administrator who hosts the site, he stated.
They were contacted on June 3, and at the same time, the police received the logs referring to the period the site was under attack, he pointed out.
An analysis of those logs has determined that the attack did not come from Megatrend, and the traffic on the university's server at the time of the attack was 0 Mbit, later rising to 10 MB, which cannot bring down pescanik.net," Živanović noted.
There was a large number of legitimate requests to access the website during the attack, especially after a TV B92 show that pointed out the problem, causing people to try to access the site multiple times, which was registered as a form of attack, he explained.
"Further analysis of the logs showed that it was a WordPress pingback attack, that the Peščanik host server is in Germany and that the itself was under attack, not just the Peščanik website," he stressed.
A search through internet forums and comments on the server's security led to the conclusion that the server was not secure and the Peščanik editors and administrator were advised to move the website to a more secured server, he stated.
The log analysis showed that the attack came from 533 servers in dozens of countries.
The Serbian police are still intensively working on the case of a cyber attack on the Peščanik website, Police Director Milorad Veljović told Tanjug on Tuesday.
Veljović explained that the investigation is being conducted in close cooperation with the Prosecutor's Office for Hi-Tech Crime.
"Our department in charge of such investigations has already requested international technical assistance from several regional and world countries via Interpol and login approval from their websites will contribute to potential identification of the most likely perpetrator of the criminal act," Veljović said.
The Independent Journalists' Association of Serbia (NUNS) requested last week that the police bodies in charge of cyber crime should reveal and make public the identity of "individuals behind the takedown of the website."