Incident Date: June 15th, 2024
Hacker Details:
- Hacker Name: Mr.C4T30X
Website Details:
- URL: https://inlislite.lahatkab.go.id/uploaded_files/foto_anggota/Boys.php?timestamp=32144
- System: Microsoft Windows
- Web Server: Apache
IP: 103.145.126.10
Location: Indonesia
Incident Details:
- Date: June 15th, 2024 20:27:58 (WIB)
The Lahat Regency Government website (inlislite.lahatkab.go.id) was defaced on the specified date. The attacker, known as Mr.C4T30X, targeted the page at https://inlislite.lahatkab.go.id/uploaded_files/foto_anggota/Boys.php?timestamp=32144.
The Proof of Concept for this attack involved exploiting an SQL Injection vulnerability. SQL Injection allows attackers to execute arbitrary SQL commands via input fields, potentially leading to unauthorized data access or modification.
The reason for the attack was stated as “Heh…just for fun!” suggesting that the motivation was primarily for amusement rather than any specific agenda.
For more information, visit the Archive Page: https://defacer.id/mirror/id/121231 and the Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/121231.