Publication Date: September 14, 2020
On September 14th, 2020, the website of the Philippines Benguet Project Monitoring System (benguetpms.gov.ph) was compromised by the hacker known as K4TSUY4-GH05T, who is affiliated with the hacker group 7Ghost-Team. The attack specifically targeted the URL http://benguetpms.gov.ph/v.html, indicating a breach involving a particular page of the project’s monitoring system website.
The attacker utilized SQL Injection as the proof of concept for this incident. SQL Injection is a technique where malicious SQL queries are inserted into input fields to manipulate or access the underlying database. This exploitation method allowed the attacker to compromise the website by taking advantage of vulnerabilities in the system.
The reason given by the hacker for this attack was a desire to be recognized as the best defacer. This implies that the main motivation behind the breach was to achieve prominence within the hacking community by demonstrating their defacing skills.
Hacker Details:
- Hacker Name: K4TSUY4-GH05T
- Hacker Group: 7Ghost-Team
Website Details:
- URL: http://benguetpms.gov.ph/v.html
- System: Windows 2008
- Web Server: Apache
- IP: 210.213.207.149
- Location: Philippines
Incident Details:
- Date: September 14th, 2020 18:43:00 (WIB)
- Proof of Concept: SQL Injection
- Reason: I just want to be the best defacer
Archive Page: https://defacer.id/mirror/id/107610
Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/107610