DefacerID

Hacking Incident #390: DINSOS Hulu Sungai Utara Cyber Attack Involving Ghost7 from Depok Blackhat

On February 2nd, 2025, at approximately 21:52 WIB, the official website of DINSOS Hulu Sungai Utara (dinsos.hsu.go.id) was hacked and defaced by a hacker known as Ghost7, a member of the DEPOK BLACKHAT group.

The attacker allegedly used a brute force attack to compromise the system, gaining unauthorized access and altering the website’s content. The site, which runs on a Linux-based server behind CloudFlare protection, was successfully breached. The hacker provided “Heh… just for fun!” as the motivation for the attack.

Hacker Details:

  • Hacker Name: Ghost7
  • Hacker Group: DEPOK BLACKHAT

Website Details:

  • Website Name: DINSOS Hulu Sungai Utara
  • URL: https://dinsos.hsu.go.id/
  • System: Linux
  • Web Server: CloudFlare
  • IP Address: 104.26.5.188
  • Location: United States

Incident Details:

Hacker’s Message

Upon defacement, the hacker left the following message on the website:

Stamped By Ghost7
Do You Miss Me?

Additionally, Ghost7 included a greetings list mentioning fellow hackers and groups:

Greetz: Devil_Star – Mr4NGG3R – udu.H-CK3r – Mayat1337 – M00NL16H7 – Ghost7 – ZeroShikii

Shootz: Depok Blackhat – Banyumas Cyber Team – AnonGhost Indonesian – And All Indonesian Defacer

An archived version of the defaced page has been saved on Defacer ID, a platform tracking cyber defacements. The full cyber attack report is also accessible via the provided links.

This incident raises serious concerns about cybersecurity measures for government-affiliated websites. As hacking incidents targeting public sector domains increase, authorities are urged to enhance security protocols, enforce stronger authentication mechanisms, and conduct regular system audits to prevent further attacks.

As of now, there has been no official statement from DINSOS Hulu Sungai Utara or related authorities regarding the breach.

,
,