Hacking Incident #376: Asaduzzaman Girls High School And College Hacked by 5H3-410N

Published Date: September 21, 2024 | Cybersecurity Daily
Incident Date: September 19th, 2024, 23:18:35 WIB

In a significant security breach, the website of Asaduzzaman Girls High School and College, rmhaziasaduzzamanhschool.edu.bd, was hacked and defaced on September 19th, 2024, by an individual known as 5H3-410N, affiliated with the hacker group ELITE’S OF BICP. This incident raises serious concerns regarding the cybersecurity measures in place for educational institutions.

Hacker Details:

  • Hacker Name: 5H3-410N
  • Hacker Group: ELITE’S OF BICP

Website Details:

Incident Details:

The hacking incident appears to have exploited a known vulnerability in the web server, indicating that timely security updates may not have been applied. The hacker, motivated by a sense of patriotism, replaced the school’s homepage with a defaced message, drawing attention to the security lapses in educational institutions.

This is the message the hacker left on the hacked page:

“Assalamu Alaikum, We are Bangladeshi hacker’s. We wish you well. I am informing the admin panel that your website has vulnerability, through which black hat hackers from foreign countries can take various information and damage the website by accessing the website. Fix the vulnerability of your website. Otherwise, malicious hackers can steal or damage your website information at any time.”

Proof of Concept: Known vulnerability (unpatched system)

This indicates that the attacker exploited an existing weakness in the website’s security. Unpatched systems are particularly vulnerable as they lack the latest security updates that protect against known threats. The failure to apply these updates can lead to significant breaches, as demonstrated in this incident.

Reason: Patriotism

The hacker’s motivation stems from a sense of national pride. By targeting an educational institution, the hacker aimed to draw attention to security vulnerabilities and promote awareness of cybersecurity risks within the country. This reflects a complex intersection of activism and hacking, where the intent is to alert rather than simply harm.

For ongoing updates and further details, please refer to the linked reports and archives.