On September 4th, 2018, the official website of Kecamatan Bayan Kabupaten Purworejo was defaced by a hacker known as Mr.Satsat, a member of the Dark Side Team. This attack highlights yet another instance of vulnerabilities in local government websites, particularly involving outdated systems. Below are the details of the defacement incident.
Hacker Details:
- Hacker Name: Mr.Satsat
- Hacker Group: Dark Side Team
Website Details:
- URL: http://kec-bayan.purworejokab.go.id
- System: Linux
- Web Server: Apache
- IP Address: 180.250.150.187
- Location: Indonesia
Incident Details:
- Date: September 4th, 2018, 21:50:44 (WIB)
- Proof of Concept: Known vulnerability (unpatched system)
- Reason: Heh…just for fun!
- Archive Page: https://defacer.id/mirror/id/1975
- Cyber Attack Report Page: https://defacer.id/cyber-attack-report/1975
Summary:
The Kecamatan Bayan Kabupaten Purworejo website was defaced by Mr.satsat from the Dark Side Team, exploiting a known vulnerability in the system. The defacement was not driven by any serious motive, as the hacker claimed it was done “just for fun.”
Proof of Concept:
The attacker leveraged a known vulnerability in the website’s infrastructure, which was left unpatched, allowing easy access and the opportunity for defacement.
Reason:
The hacker indicated that the attack was performed for amusement, highlighting the importance of regular updates and security patches for websites, particularly for government portals.