August 14th, 2020 | Cybersecurity Daily
On August 14th, 2020, the Digital Library DPRD Daerah Istimewa Yogyakarta, located at http://digilib.dprd-diy.go.id/ea.txt, was hacked by Alqiyaramdana from the Ghost Riddiculous Team. The attack involved exploiting a SQL Injection vulnerability.
Hacker Details:
- Hacker Name: Alqiyaramdana
- Hacker Group: Ghost Riddiculous Team
Website Details:
- URL: http://digilib.dprd-diy.go.id/ea.txt
- System: Linux
- Web Server: Apache
- IP: 202.169.225.36
- Location: Indonesia
Incident Details:
- Date: August 14th, 2020 22:43:11 (WIB)
- Proof of Concept: SQL Injection
- Reason: Heh…just for fun!
Archive Page: https://defacer.id/mirror/id/97462
Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/97462
The attacker utilized SQL Injection, a technique where malicious SQL statements are inserted into an entry field for execution. This can compromise the database and allow unauthorized access.
The reason behind the attack was stated as recreational, with the hacker seeking the thrill of breaching the system.