Date: August 30, 2018
The official website for Badan Lingkungan Hidup Provinsi Daerah Istimewa Yogyakarta (Environmental Agency of Yogyakarta Special Region) has been defaced by the hacker known as Xwizx404. The incident occurred on August 30th, 2018, at 15:56:30 WIB, revealing vulnerabilities in the site’s security framework.
Hacker Details:
- Hacker Name: Xwizx404
- Hacker Group: Majalengka Security Cyber
Website Details:
- URL: http://blh.jogjaprov.go.id/id.htm
- System: Linux
- Web Server: Apache
- IP Address: 103.255.15.93
- Location: Indonesia
Incident Details:
- Date of Incident: August 30th, 2018
- Time of Incident: 15:56:30 WIB
- Proof of Concept: SQL Injection
- Reason for Attack: I just want to be the best defacer
- Archive Page: https://defacer.id/mirror/id/635
- Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/635
Summary: On August 30th, 2018, the website for Badan Lingkungan Hidup Provinsi Daerah Istimewa Yogyakarta was defaced by Xwizx404 from the Majalengka Security Cyber group. The attack involved unauthorized alterations to the website’s content using SQL injection techniques. The hacker’s stated motivation was to establish themselves as a prominent defacer.
Proof of Concept Explanation: The attack utilized SQL injection, a method that allows attackers to manipulate the SQL queries executed by the web application. This vulnerability can lead to unauthorized access and modification of the site’s database and content.
Reason Explanation: The defacement was carried out with the intention of “being the best defacer,” indicating that the attacker aimed to gain recognition and establish their reputation in the hacking community.
For additional details and to view the defacement, please refer to the provided archive and cyber attack report links.