Carding 4 Carders
Professional
- Messages
- 2,728
- Reaction score
- 1,585
- Points
- 113
From leaks to smiling trolls: hackers have proven that the country's government is not at all friendly with cybersecurity.
Government servers in the Philippines have been severely affected by numerous cyber attacks in recent weeks. A number of incidents have revealed vulnerabilities in the systems of many government agencies. Experts are particularly concerned about the fact that in some cases, attackers gained access to internal archives in the most trivial ways.
On October 3, a huge array of confidential data from the PhilHealth health insurance Corporation was published online. Hackers previously contacted the management to announce their terms, but the company refused to pay a ransom of $ 300,000. The leak affected millions of people, including Filipinos living abroad — for example, in Hong Kong.
Then unknown people hacked the website of the Philippine House of Representatives. The attackers posted an image of a smiling troll on it. Administrators were forced to temporarily disable the resource — now it is "under maintenance".
On the same page, the hackers left a message in Tagalog and English: "Have a nice day, Happy April Day to you, even though it's only October. Fix your website." Later it turned out that a group or individual under the pseudonym "3musketeerz"was involved in the incident.
Other government servers were also affected: Statistics Philippines, the National Police Forensic Science Database, as well as the websites of the Department of Science and Technology, the Office of Technical Education and Skills Development (Tesda), and Clark International Airport.
In this case, a young hacker from the southern city of Davao claimed responsibility. He calls himself DiabloX Phantom and claims to be only 19 years old.
During a live broadcast on the X platform, the young man said that he had previously worked for government agencies as part of the Red Team (the"red" team of pentesters). He commented on his actions: "I am a hacktivist, and it annoys me that, despite the obvious problems, the government does not take any action."
For hacking, the young hacker used a variety of methods: for example, he sent a malicious email to a Tesda employee and used the registration form on the Clark Airport website to download the source code for accessing the server. Some sites already had backdoors — vulnerable entry points created by other hackers. The easiest target was the Department of Science and Technology: its administrators used the simplest default password — "Admin123"to protect the system.
It is important to mention that DiabloX Phantom denies any involvement in hacking PhilHealth, Congress, or any other entities.
A short time later, an ad for the sale of secret military documents appeared on the darknet. So it became known about a leak from the National Intelligence Coordination Agency: about 500 megabytes of data directly related to the Philippine Air Force were compromised. Hackers require payment in cryptocurrency, according to the classics.
On October 13, the Department of Information and Communication Technologies acknowledged the fact of cyber attacks on many government agencies. The only information that the representatives denied was the hacking of the police service's systems, which was also reported as part of a series of October incidents. According to the department, this information has long been outdated.
It is now known that PhilHealth was attacked by a group of Medusa Ransomware and, obviously, not with good intentions at all. As a result of the investigation, it turned out that the organization did not renew its subscription to the antivirus program on time. Just this could make the task easier for attackers.
The motives of most of the actors behind the cyberattacks remain unknown. Carlos Nazareno, Director of Human Rights Initiatives at the company Democracy.net.ph "They want to prove that government systems are poorly protected, or they want to attract attention by demonstrating their skills," he said. Maybe someone is doing it just for fun."
Despite the growing number of attacks, the government is still not taking active steps to strengthen cybersecurity. Only time will tell if the hacktivists efforts will benefit.
Government servers in the Philippines have been severely affected by numerous cyber attacks in recent weeks. A number of incidents have revealed vulnerabilities in the systems of many government agencies. Experts are particularly concerned about the fact that in some cases, attackers gained access to internal archives in the most trivial ways.
On October 3, a huge array of confidential data from the PhilHealth health insurance Corporation was published online. Hackers previously contacted the management to announce their terms, but the company refused to pay a ransom of $ 300,000. The leak affected millions of people, including Filipinos living abroad — for example, in Hong Kong.
Then unknown people hacked the website of the Philippine House of Representatives. The attackers posted an image of a smiling troll on it. Administrators were forced to temporarily disable the resource — now it is "under maintenance".
On the same page, the hackers left a message in Tagalog and English: "Have a nice day, Happy April Day to you, even though it's only October. Fix your website." Later it turned out that a group or individual under the pseudonym "3musketeerz"was involved in the incident.
Other government servers were also affected: Statistics Philippines, the National Police Forensic Science Database, as well as the websites of the Department of Science and Technology, the Office of Technical Education and Skills Development (Tesda), and Clark International Airport.
In this case, a young hacker from the southern city of Davao claimed responsibility. He calls himself DiabloX Phantom and claims to be only 19 years old.
During a live broadcast on the X platform, the young man said that he had previously worked for government agencies as part of the Red Team (the"red" team of pentesters). He commented on his actions: "I am a hacktivist, and it annoys me that, despite the obvious problems, the government does not take any action."
For hacking, the young hacker used a variety of methods: for example, he sent a malicious email to a Tesda employee and used the registration form on the Clark Airport website to download the source code for accessing the server. Some sites already had backdoors — vulnerable entry points created by other hackers. The easiest target was the Department of Science and Technology: its administrators used the simplest default password — "Admin123"to protect the system.
It is important to mention that DiabloX Phantom denies any involvement in hacking PhilHealth, Congress, or any other entities.
A short time later, an ad for the sale of secret military documents appeared on the darknet. So it became known about a leak from the National Intelligence Coordination Agency: about 500 megabytes of data directly related to the Philippine Air Force were compromised. Hackers require payment in cryptocurrency, according to the classics.
On October 13, the Department of Information and Communication Technologies acknowledged the fact of cyber attacks on many government agencies. The only information that the representatives denied was the hacking of the police service's systems, which was also reported as part of a series of October incidents. According to the department, this information has long been outdated.
It is now known that PhilHealth was attacked by a group of Medusa Ransomware and, obviously, not with good intentions at all. As a result of the investigation, it turned out that the organization did not renew its subscription to the antivirus program on time. Just this could make the task easier for attackers.
The motives of most of the actors behind the cyberattacks remain unknown. Carlos Nazareno, Director of Human Rights Initiatives at the company Democracy.net.ph "They want to prove that government systems are poorly protected, or they want to attract attention by demonstrating their skills," he said. Maybe someone is doing it just for fun."
Despite the growing number of attacks, the government is still not taking active steps to strengthen cybersecurity. Only time will tell if the hacktivists efforts will benefit.
