September 5th, 2020 | Cybersecurity Daily
On September 5th, 2020, the website of the Pakistan Investment Department (www.sindhinvestment.gos.pk) was compromised by K4TSUY4-GH05T from the 7Ghost-Team. The incident was reported at 21:20:02 WIB and involved the exploitation of a SQL Injection vulnerability.
Hacker Details: The attacker, known as K4TSUY4-GH05T, is affiliated with the 7Ghost-Team. The motivation behind the attack was described as “I just want to be the best defacer,” indicating a desire to achieve notoriety within the hacking community.
Website Details:
- URL of affected page: http://www.sindhinvestment.gos.pk/r.html
- System: Linux
- Web Server: Apache
- IP Address: 50.31.134.241
- Location: United States
Incident Details: The breach was carried out using SQL Injection, a technique that exploits vulnerabilities in the website’s database queries. This type of attack allows attackers to manipulate and retrieve sensitive data, leading to unauthorized access and defacement of the site.
For more information, refer to the archived page at https://defacer.id/mirror/id/105213 and the detailed cyber attack report at https://defacer.id/cyber-attack-report/105213.