Incident Overview
On October 22nd, 2018, at 01:22:20 WIB, the website of the Commercial Register Ecuador (http://www.registromercantil.gob.ec) was compromised and defaced by the hacker known as Nurmala, affiliated with the group W3LL SQUAD. This incident has raised significant concerns about the security of the affected website and the potential vulnerabilities exploited by the attacker.
Hacker Details
- Hacker Name: Nurmala
- Hacker Group: W3LL SQUAD
Website Details
- URL of Defaced Page: http://www.registromercantil.gob.ec/images/why.txt
- System: Linux
- Web Server: Apache
- IP Address: 50.62.96.1
- Location: United States
Incident Details
- Date and Time: October 22nd, 2018, 01:22:20 WIB
Additional Resources
- Archived Page of Incident: https://defacer.id/mirror/id/11964
- Cyber Attack Report’s Page: https://defacer.id/cyber-attack-report/11964
Method of Attack
The attack was carried out using social engineering techniques. This method involves manipulating individuals into divulging confidential information or performing actions that compromise security. In this case, the attacker likely tricked someone with access to the website into revealing login credentials or other sensitive information necessary to execute the defacement.
Reason for Attack
The defacement was conducted as a challenge, indicating that the attacker was motivated by the desire to demonstrate their skills or achieve recognition within the hacking community. This type of motivation is often seen in hacktivist and amateur hacking groups seeking to prove their capabilities or gain notoriety.