Publication Date: May 25th, 2024
Incident Date: May 25th, 2024
Website Details:
The compromised site is the Ethiopian Pharmaceuticals Supply Service, accessible at https://epss.gov.et/indonesia.html. The system is running Linux with an Nginx web server. The IP address is 162.241.219.146, and the server is located in the United States. The hacker behind this defacement is Mr.Rm19.
Proof of Concept:
The hacker exploited a vulnerability through an RPC server intrusion, which allowed them to gain unauthorized access to the system and modify the website content.
Reason:
The hacker’s motivation appears to be purely for amusement, as indicated by the comment “just for fun.”
Archive Page: https://defacer.id/mirror/id/120519
Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/120519
Hacker Details:
- Hacker Name: Mr.Rm19
Website Details:
- URL: https://epss.gov.et/indonesia.html
- System: Linux
- Web Server: Nginx
- IP: 162.241.219.146
- Location: United States