August 31st, 2020 | Cybersecurity Daily
On August 31st, 2020, the website of the Staff of the Commander of the Indonesian National Armed Forces (SPERS TNI) Indonesia (spers-tni.mil.id) was hacked by ./An9el4-137. The attack was discovered at 12:32:54 WIB and involved an SQL Injection vulnerability.
Hacker Details: The hacker, known as ./An9el4-137, executed the attack with the motivation of “Heh…just for fun!” indicating that the breach was carried out more for personal amusement rather than any malicious purpose.
Website Details:
- URL of affected page: https://spers-tni.mil.id/el.php
- System: Linux
- Web Server: Apache
- IP Address: 103.203.76.67
- Location: Indonesia
Incident Details: The SQL Injection vulnerability was exploited to gain unauthorized access and deface the website. This incident underscores the importance of securing web applications and databases against such vulnerabilities.
For more information, refer to the archived page at https://defacer.id/mirror/id/104100 and the detailed cyber attack report at https://defacer.id/cyber-attack-report/104100.