Publication Date: September 10, 2020
On September 10th, 2020, the website providing CPNS information for Kendal Regency (infocpns.kendalkab.go.id) was compromised by the hacker known as ./ZET404 Ganz, who is affiliated with the hacker group Sukoharjo6etar. The attack specifically targeted the URL http://infocpns.kendalkab.go.id/cot.htm, indicating a breach involving a particular page of the site dedicated to civil service information.
The attacker utilized SQL Injection as the proof of concept for this incident. SQL Injection involves inserting malicious SQL queries into input fields to manipulate or gain unauthorized access to the database behind a web application. This method of attack allowed the hacker to exploit vulnerabilities within the site’s database.
The reason provided by the hacker for this attack was simply “Heh…just for fun!” This suggests that the primary motivation behind the breach was personal amusement rather than any specific gain or agenda, reflecting a common pattern where attacks are carried out for entertainment or challenge.
Hacker Details:
- Hacker Name: ./ZET404 Ganz
- Hacker Group: Sukoharjo6etar
Website Details:
- URL: http://infocpns.kendalkab.go.id/cot.htm
- System: Linux
- Web Server: Apache
- IP: 118.97.18.38
- Location: Indonesia
Incident Details:
- Date: September 10th, 2020 22:54:04 (WIB)
- Proof of Concept: SQL Injection
- Reason: Heh…just for fun!
Archive Page: https://defacer.id/mirror/id/106618
Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/106618