August 13th, 2020 | Cybersecurity Daily
On August 13th, 2020, the EGS Yayasan Saad College Melaka Malaysia website, located at http://egs.kysm.edu.my/grt.txt, was compromised. The attacker, known as Alqiyaramdana from the Ghost Riddiculous Team, exploited a SQL injection vulnerability to gain unauthorized access and deface the site.
Hacker Details:
- Hacker Name: Alqiyaramdana
- Hacker Group: Ghost Riddiculous Team
Website Details:
- URL: http://egs.kysm.edu.my/grt.txt
- System: Linux
- Web Server: Apache
- IP: 103.18.246.102
- Location: Malaysia
Incident Details:
- Date: August 13th, 2020 13:02:16 (WIB)
- Proof of Concept: SQL Injection
- Reason: Heh…just for fun!
Archive Page: https://defacer.id/mirror/id/93131
Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/93131
The attacker utilized a SQL injection, a common technique where malicious SQL queries are used to manipulate or retrieve data from a database, to breach the website. This method can expose sensitive information or allow unauthorized modifications to the site.
The motive behind the attack was stated as “Heh…just for fun!” indicating that the breach was performed for personal amusement or as a challenge rather than any specific malicious intent.