August 12th, 2019 | Cybersecurity Daily
On August 12th, 2019, the Ministry of Environment PBA Argentina website, found at http://www.opds.gba.gov.ar/sites/default/files/, was compromised. The attacker, identified as Mr.L3RB1 from the Sorong6etar group, executed an SQL Injection attack to breach the site. This attack led to unauthorized changes and defacement of the website.
Hacker Details:
- Hacker Name: Mr.L3RB1
- Hacker Group: Sorong6etar
Website Details:
- URL: http://www.opds.gba.gov.ar/sites/default/files/
- System: Linux
- Web Server: Apache
- IP: 170.155.9.169
- Location: Argentina
Incident Details:
- Date: August 12th, 2019 17:31:57 (WIB)
- Proof of Concept: SQL Injection
- Reason: Heh…just for fun!
Archive Page: https://defacer.id/mirror/id/87820
Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/87820
The attacker exploited an SQL Injection vulnerability to gain unauthorized access to the website. SQL Injection involves inserting malicious SQL queries into input fields or URLs to manipulate the site’s database. In this case, the attacker was able to execute unauthorized commands, which led to alterations and defacement of the website’s content.
The attacker’s reason for the breach was “Heh…just for fun!” This suggests that the motivation behind the incident was to showcase technical skills or create disruption for amusement, rather than pursuing any specific goals or objectives.