Publication Date: July 20th, 2024
Incident Date: July 20th, 2024
Website Details:
The compromised site is the Ministry of Education, Culture, Research, and Technology (KEMDIKBUD), accessible at https://simbelmawa.kemdikbud.go.id/api/storage/fileUpload/2020/catatan/PKM_Pengabdian_Kepada_Masyarakat/91e2cfbb-787b-416c-957a-346f46b5f6a3.htm. The system is running Linux with an Nginx web server. The IP address is 103.225.242.7, and the server is located in Indonesia. The hacker responsible for this defacement is ./Outsiders, affiliated with the hacker group 1337Syndicate.
Proof of Concept:
The attack exploited a known vulnerability in the system, specifically targeting an unpatched system component, which allowed unauthorized access and modification of site files.
Reason:
The hacker indicated that the attack was executed “just for fun,” suggesting a lack of malicious intent beyond the desire for amusement.
Archive Page: https://defacer.id/mirror/id/122601
Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/122601
Hacker Details:
- Hacker Name: ./Outsiders
- Hacker Group: 1337Syndicate
Website Details:
- URL: https://simbelmawa.kemdikbud.go.id/api/storage/fileUpload/2020/catatan/PKM_Pengabdian_Kepada_Masyarakat/91e2cfbb-787b-416c-957a-346f46b5f6a3.htm
- System: Linux
- Web Server: Nginx
- IP: 103.225.242.7
- Location: Indonesia