Publication Date: August 5th, 2024
Incident Date: August 5th, 2024
The Tourism and Creative Economy Agency of the Republic of Indonesia (KEMENPAREKRAF) (ppid.kemenparekraf.go.id) was targeted in this incident. The compromised page was located at https://ppid.kemenparekraf.go.id/lib/kcfinder/upload/files/v.shtml. The attack was executed by 0xfunzies from the hacker group ParanoidHax.
Hacker Details:
- Hacker Name: 0xfunzies
- Hacker Group: ParanoidHax
Website Details:
- URL: https://ppid.kemenparekraf.go.id/lib/kcfinder/upload/files/v.shtml
- System: Linux
- Web Server: Nginx
- IP: 103.149.47.31
- Location: Indonesia
Incident Details:
- Date: August 5th, 2024 21:32:01 (WIB)
- Proof of Concept: Known vulnerability (i.e., unpatched system)
- Reason: Not available
The attack exploited a known vulnerability due to an unpatched system, allowing unauthorized access to the compromised page. The specific reason for the attack was not disclosed.
Archive Page: https://defacer.id/mirror/id/123634
Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/123634