Hacking Incident #385: Indonesian Hacker Takes Over Malaysian National Medical Research Register Website

November 5, 2024, 00:11:23 WIB | Cybersecurity Daily

A recent hacking incident, labeled as Incident #385, involved a targeted attack on the Malaysian National Medical Research Register’s website. The defacement was attributed to an Indonesian hacker operating under the alias @bboscat, a member of the group Garuda Suspend Commission. The hacker managed to gain access to the website, leaving a defaced message, and publicly shared proof of the breach on a web archive.

The breached URLs include:

The hacker left a message on the defaced page:

Hacked by @bboscat

– Let’s have fun hahahaha –

Linux nmrr-app-1 5.15.0-124-generic #134-Ubuntu SMP Fri Sep 27 20:20:17 UTC 2024 x86_64

> #Indonesian_Hacker_Rulez <

The compromised system runs on a Linux server with Nginx as the web server. It appears the attacker exploited an unpatched vulnerability within the system, allowing unauthorized access. According to the hacker’s statement, the attack was carried out “just for fun,” potentially as a statement of digital dominance, referencing “Indonesian_Hacker_Rulez” in the defacement message.

Incident Summary
Hacker: @bboscat
Hacker Group: Garuda Suspend Commission


Targeted Website: Malaysian National Medical Research Register
Domain: nmrr.gov.my
System: Linux, Nginx
IP Address: 203.106.223.77
Location: Malaysia

Proof of Attack and Archives
Following the incident, the hacker submitted the attack to Defacer ID, a digital archive for defacement evidence, providing detailed snapshots of the breach. Relevant archive pages for public reference include:

Cyber Attack Report
In addition to the defacement archives, a full cyber-attack report detailing the methodology and timeline has been submitted:

This incident highlights the ongoing risk of unpatched vulnerabilities in public systems, especially for government and national databases.