Hackers deface Telegraph sites over 'gypsies' slight

hacked
News
16 Apr, 2010

A group of Romanian activists has hacked two Telegraph subdomains in response to a Top Gear episode mocking the country and casting Romanians as gypsies.

Two subdomains of The Daily Telegraph's website have been defaced by a group of Romanian hackers.

The domains – shortbreaks.telegraph.co.uk and wine-and-dine.telegraph.co.uk/site/index.php – were both hacked yesterday to display the same message from a previously unknown group calling itself the RNS – the Romanian National Security group.

Screenshots of the hacked pages can be seen on the Sunbelt Software blog, which first reported the defacing.

The hacked pages featured a Romanian flag against a black background, with a message in Romanian below protesting perceived racism against Romanians, followed by a link to a Romanian YouTube clip featuring excerpts from a Top Gear episode showing the country in an unflattering light and making several references to Romanians as gypsies.

Helped by Google Translate, Sunbelt roughly translated the message to read: “We are sick and tired of seeing how some garbage like you try to mock our country and try to create a completely different picture to the real one, calling us 'romanian gypsies' and broadcasting s****y TV programmes like Top Gear. If you have the nerve to anger an entire country, know that we will not stop here! Romania.”

The message ended with a single line in English: “Guess what, gypsies aren't Romanians, morons.”

Aside from the fact that Top Gear presenter James May is a columnist for The Telegraph, it's not clear the connection – if any – between the defaced sites and the RNS' grievances. Both subdomains were being used to advertise promotions for Daily Telegraph readers, and remain offline at present.

A Romanian hacker was blamed for a March 2009 attack on the [ital]Telegraph's system that exposed the email addresses of registered users, with some suggesting the site may have become a target for Romanian nationalists.

However, considering the broad nature of the allegations, it's more likely that the subdomains were simply being used to represent the broader UK media.

Read more about