On September 4th, 2018, the official website of Portal Kota Cilegon was defaced by a hacker known as 4nzeL4, a member of the hacking group Newbie Security. The attack, carried out “just for fun,” reveals ongoing weaknesses in municipal government websites. Below are the detailed findings of the defacement.
Hacker Details:
- Hacker Name: 4nzeL4
- Hacker Group: Newbie Security
Website Details:
- URL: http://portal.cilegon.go.id/media/index.php
- System: Linux
- Web Server: Apache
- IP Address: 114.8.134.61
- Location: Indonesia
Incident Details:
- Date: September 4th, 2018 20:00:31 (WIB)
- Proof of Concept: SQL Injection
- Reason: Heh…just for fun!
- Archive Page: https://defacer.id/mirror/id/1937
- Cyber Attack Report Page: https://defacer.id/cyber-attack-report/1937
Summary:
The Portal Kota Cilegon website was defaced by 4nzeL4, a member of the Newbie Security group. The incident, motivated by casual amusement, demonstrates the vulnerabilities of municipal web services to cyberattacks such as SQL injection.
Proof of Concept:
The hacker used an SQL Injection technique, which involves manipulating a web application’s database queries to gain unauthorized access or alter website data.
Reason:
According to the attacker, the defacement was carried out for amusement, reflecting the low-level motivations behind many website defacements targeting local government sites.