Hacking Incident #075: Analysis of Judges’ Decisions (APH) by the Judicial Commission (KY) (aph.komisiyudisial.go.id) Hacked by Sultan Hidayatullah

On October 20th, 2018, the Analysis of Judges’ Decisions (APH) website, managed by the Judicial Commission (KY), was hacked and defaced by an individual known as Sultan Hidayatullah. The attacker is associated with the EXI2T CYBER TEAM.


Hacker Details:

  • Hacker Name: Sultan Hidayatullah
  • Hacker Group: EXI2T CYBER TEAM

Website Details:

Incident Details:


Summary:

The APH website, used for analyzing judges’ decisions by the Judicial Commission (KY), experienced a breach by Sultan Hidayatullah. This incident resulted in a defacement of the site, demonstrating vulnerabilities within the website’s security.

Proof of Concept:

The attack exploited an Other Web Application bug, though specific details of the vulnerability were not disclosed. The exact nature of the bug remains unclear, but it allowed unauthorized access to the website’s content.

Reason:

Sultan Hidayatullah claimed the attack was executed “just for fun,” implying that the motivation was primarily recreational rather than malicious.