July 8th, 2024 | Cybersecurity Daily
On July 8th, 2024, the website of The Independent Policing Oversight Authority Kenya (www.ipoa.go.ke) was compromised by ./ECHA from the Depok Blackhat group. The attack was detected at 00:34:22 WIB and exploited a configuration or administrative mistake in the website’s security setup.
Hacker Details: The attacker, identified as ./ECHA, is associated with the Depok Blackhat group. The motive behind the breach was described as “Heh…just for fun!” suggesting the incident was intended to demonstrate technical skill rather than for malicious purposes.
Website Details:
- URL of affected page: https://www.ipoa.go.ke/index.html
- System: Linux
- Web Server: Apache
- IP Address: 62.12.117.222
- Location: Kenya
Incident Details: The compromise was achieved through the exploitation of a configuration or administrative mistake, which allowed the attacker unauthorized access to the website. This vulnerability typically arises from improper setup or inadequate security measures on the site.
For additional information, view the archived page at https://defacer.id/mirror/id/122147 and the comprehensive cyber attack report at https://defacer.id/cyber-attack-report/122147.