
Two U.S. Army websites were taken down after their error pages were defaced with pro-Kurdish messages and insults aimed at President Donald Trump. The affected sites were linked to the Army’s Open Innovation Lab and Artificial Intelligence Integration Center, which support testing and integration of AI and emerging technologies.
Security researcher Ronald Lovelace told CyberScoop that the defacements appeared on pages shown when visitors tried to access a web address that did not exist. The main site content did not appear to be changed.
The messages called for a “free Kurdistan” and referenced U.S. Ambassador to Turkey Tom Barrack. They also included personal attacks on Trump, including language that appeared to refer to his name appearing in Justice Department files related to Jeffrey Epstein.
Army Sites Taken Offline After Report
CyberScoop reported that the messages were visible as of Monday. After the publication contacted the Army, officials took the affected pages down.
The Army has not publicly said how the error pages were modified. CyberScoop reported that the sites appeared to run on WordPress and used several plug-ins, which can become targets if they are outdated or misconfigured.
It is not clear whether any data was accessed or stolen. The Army is investigating the incident, according to CyberScoop, while the Department of Defense did not respond to TechCrunch’s request for comment.
The incident appears to fit a pattern known as 404 hijacking, where attackers alter the error page shown when a website cannot find the requested content. Such defacements are often used by hacktivists to promote political messages rather than steal data, although they can still point to weaknesses in site security.
Federal Systems Face More Cyber Incidents
The Army website defacements follow other recent cyber incidents involving U.S. government systems. The Department of Homeland Security confirmed last week that it was investigating a breach involving an unclassified legacy information-sharing environment.
Reuters reported that the affected system was the Homeland Security Information Network, which is used to share sensitive but unclassified information among federal, state, local, tribal, territorial, international and private-sector partners. The incident reportedly took place between late May and early June.
Hacktivists also targeted DHS-linked records earlier this year, publishing documents related to contracts that support immigration enforcement operations. Those incidents show how politically motivated hackers continue to use government systems and websites as targets for public messaging.
For the Army, the immediate impact appears limited to defaced error pages. Still, the case shows how even lower-level website compromises can create public embarrassment for federal agencies, especially when attackers attach political messages to official government domains.
Featured image credits: MC1(AW/SW/NAC) Daniel N. Woods via Wikimedia Commons
For more stories like it, click the +Follow button at the top of this page to follow us.
