In a recent cyber attack, the official website of “Sistem Informasi Geografis Manajemen Aset Badan Pengelolaan Keuangan Dan Aset Daerah Pemerintah Kota Madiun” was defaced by a hacker going by the alias KazeoHans. The attack, claimed by the hacker group AnarchoXploit, highlights vulnerabilities in government-run systems. Below are details of the incident.
Hacker Details:
- Hacker Name: KazeoHans
- Hacker Group: AnarchoXploit
Website Details:
- URL: http://sigma.madiunkota.go.id/images/
- System: Linux
- Web Server: Apache
- IP Address: 36.89.39.196
- Location: Indonesia
Incident Details:
- Date: August 31st, 2018 16:25:23 (WIB)
- Proof of Concept: File Inclusion
- Reason: “Heh…just for fun!”
- Archive Page: https://defacer.id/mirror/id/901
- Cyber Attack Report Page: https://defacer.id/cyber-attack-report/901
Summary:
The website of the “Sistem Informasi Geografis Manajemen Aset” in Madiun was defaced by a hacker identified as KazeoHans from the AnarchoXploit group. The defacement was purely for entertainment, with no malicious intent stated beyond a desire for fun.
Proof of Concept:
The hacker utilized a File Inclusion vulnerability, which allowed unauthorized access to server directories. By exploiting this weakness, KazeoHans was able to upload files to the website, leading to its defacement.
Reason:
According to the hacker’s own admission, the attack was carried out “just for fun.” This points to a lack of security measures on the website, which made it an easy target for casual defacement rather than a sophisticated cyberattack with malicious goals.