Date: July 12th, 2019 | 09:03:04 WIB
Publication: Cybersecurity Daily
The website for Sculptor University Mongolia was defaced by the hacker known as ./Shuzu404 from the Hacker Patah Hati group. The URL affected was http://burtgel.setguulch.edu.mn/!.html.
Hacker Details:
- Hacker Name: ./Shuzu404
- Hacker Group: Hacker Patah Hati
Website Details:
- URL: http://burtgel.setguulch.edu.mn/!.html
- System: Linux
- Web Server: Apache
- IP: 162.215.248.59
- Location: United States
Incident Details:
- Proof of Concept: File Inclusion
- Reason: Heh…just for fun!
- Archive Page: https://defacer.id/mirror/id/80897
- Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/80897
The attack utilized a File Inclusion vulnerability, which allowed the attacker to include files from the server into the web application. This method often results in unauthorized access to sensitive files or enables the defacement of web pages. The exploitation of this vulnerability underscores the need for proper security controls to validate and sanitize user inputs and protect against such attacks.
The motivation for this defacement was noted as “Heh…just for fun!”, indicating that the breach was carried out with no serious agenda or specific target in mind. It reflects a trend where the hacker’s primary intent was to showcase technical skills and enjoy the challenge of breaching a system rather than to achieve a particular goal or make a significant impact.