Date: May 15th, 2019 | 05:05:26 WIB
Publication: Cybersecurity Daily
The Ministry of Environment and Forestry (MENLHK) website was compromised, specifically targeting the URL http://plb3.menlhk.go.id/siraja-limbah-2018/uploads/xls/1557871225_q.txt. The attack was carried out by the hacker known as C3P0T, affiliated with the hacker group Sunda Cyber Army.
Hacker Details:
- Hacker Name: C3P0T
- Hacker Group: Sunda Cyber Army
Website Details:
- URL: http://plb3.menlhk.go.id/siraja-limbah-2018/uploads/xls/1557871225_q.txt
- System: Linux
- Web Server: Apache
- IP: 202.73.25.144
- Location: Indonesia
Incident Details:
- Proof of Concept: SQL Injection
- Reason: Heh…just for fun!
- Archive Page: https://defacer.id/mirror/id/61028
- Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/61028
The attack exploited a SQL injection vulnerability, allowing unauthorized access to the database and potentially revealing sensitive information. SQL injection is a common attack vector where malicious SQL queries are used to manipulate or extract data from a database.
The hacker’s motivation was described as “just for fun,” indicating that the breach was performed more for the challenge and thrill of hacking rather than for financial gain or malicious purposes. While the intent may have been less harmful, it underscores the critical need for robust security measures to prevent such vulnerabilities from being exploited.