Cyber Incident Victim: Plextor
Date:
Aug 2014
Location:
United States of America
Summary
A computer hardware manufacturer's US website was compromised by a group identifying as CoMoDo Islamic Hackers, who replaced all pages with anti-US and anti-Israel messages alongside Islamic propaganda, including Turkish text and an embedded YouTube video. The attackers denounced Western entities while proclaiming a cyber war against nations perceived as disrespecting Islam, rendering the site's original firmware downloads and support content inaccessible until control was restored after investigation. The breach displayed the group's limited prior online activity but effectively disrupted the company's digital services through complete content replacement.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On August 7, 2014, the US website of computer hardware manufacturer Plextor, specifically its Americas-focused subdomain dedicated to firmware downloads, news, and SSD product support, was compromised by a hacking group identifying itself as CoMoDo Islamic Hackers. The attackers replaced all original website content with defacement pages displaying anti-American and anti-Israel propaganda messages in English and Turkish, accompanied by Islamic imagery. The English message declared "You'll demolished ! filthy bloodsuckers.! America , Israel!!infamous America,, infamous Israel. The CYBER-WAR will be appeared all the Countries which not respecting Islam. Islamic Hacker!!! islamic army coming," while the Turkish text, when translated, warned of consequences for those who persecute or tolerate cruelty. A minimally visible embedded YouTube video linked to additional content, though the clip's specific subject matter wasn't detailed in available reports. The attackers left no clear indication of their intrusion methods or motives for targeting Plextor beyond the ideological statements. Analysis of their associated Facebook page revealed minimal operational history, with activity limited primarily to profile modifications and friend requests rather than substantive communications.
The compromise rendered Plextor's Americas website completely inaccessible to legitimate users seeking firmware updates and technical support, disrupting normal business operations. Plextor Europe confirmed the incident was under investigation shortly after detection, though no technical details regarding detection methods or forensic findings were disclosed publicly. By August 8, 2014 – one day after initial reports – Plextor successfully restored control over the compromised domain and reinstated original content. No secondary compromises of other regional domains or customer data breaches were reported in connection with the incident. The CoMoDo group's limited digital footprint and absence of subsequent claims or activities following the restoration suggested a short-term operational capability focused primarily on symbolic defacement rather than persistent network intrusion or data exfiltration.