Incident Date: September 13th, 2024 (WIB)
On September 13th, 2024, Ramil Feyziyev, a member of the hacking group Az-Xploit, successfully took control of four subdomains belonging to UNICEF Malaysia. The compromised subdomains were:
- https://myredcard.unicef.my
- http://mobile.unicef.my
- http://stopchildabuse.unicef.my
- http://picturemyrights.unicef.my
Hacker Details:
Hacker Name: Ramil Feyziyev
Hacker Group: Az-Xploit
Website Details:
System: Linux
Web Server: Apache
IP: 202.93.217.238
Location: Brunei Darussalam
The hacker exploited an undisclosed web application vulnerability, targeting the Apache server running on a Linux system. By manipulating this weakness, Feyziyev was able to gain unauthorized access to the affected subdomains, resulting in their takeover.
According to the hacker’s public statement, this attack was conducted as a personal challenge, showcasing the hacker’s skill in identifying and exploiting system vulnerabilities without an apparent political or financial motivation.