The Record reported that unknown hackers attacked the site of the Sealand Principality (a self-proclaimed virtual state in the North Sea) and introduced a web skimmer on it.
The attackers posted malicious code on Sealand’s online store, which the unrecognized micro-state government uses to sell titles of nobility.
The Principality of Sealand is a virtual state proclaimed in 1967 by Paddy Roy Bates, a British retired major and one of the operators of the pirate radio station Radio Caroline.
The virtual state is located in the North Sea, 10 kilometers off the coast of Great Britain on the once abandoned offshore platform Rafs Tower. Bates also proclaimed himself monarch (prince) of Sealand and his family the ruling dynasty.
Although Sealand declared its independence and sovereignty back in the 60s, it was never recognized as an official state. These days, the principality is mainly known for trading titles of nobility through its website (many small countries do this to replenish their budget).
As The Record now reports, someone embedded a web skimmer on Sealand’s website, and the malicious code allowed hackers to collect data on users and payment cards of those who purchased anything from the official online store of the self-proclaimed state.
The compromise has affected all transactions made on the site since October 12, Sansec founder Willem de Groot told the publication. He discovered the malware while analyzing the infrastructure of an unnamed hack group that has been active since last year. Also, the founder of Sansec said that he found the same malicious code on the website of a French security provider.
De Groote reports that the code is currently not working due to a bug, but has been active for about a month and a half since it was first posted on Sealand’s website. Neither the researcher nor the journalists managed to contact representatives of the principality.
Let me remind you that recently hackers broke into FBI mail server and sent fake cyberattack alerts.