Thursday, June 16, 2011

Hacker defaces Customs website amid gov't warning vs hacking

Amid a looming review of the security of Philippine government websites, another government website fell victim to a hacker who defaced its news section.
A day after the government announced a review of government websites' security, the Bureau of Customs' website was defaced with several lines of text and the address of the supposed hacker's website. The defaced page was still online as of 7 a.m.

Visitors to the Bureau of Customs website's news section as of 7 a.m. were greeted with several lines of text in an unfamiliar font.

As of 7:21 a.m. Wednesday, the webpage referred to by the hacked Customs website lists supposed usernames and passwords taken from websites of government agencies and private firms.

The lines of text were superimposed on the news section of the Customs Bureau website. The links on the news section also appeared to be disabled.

On the other hand, the hacker left behind a
web address that led to an "anonymous text hosting service."

In the hacker's page, the hacker claimed to be "inactive" starting June 15 onwards.

However, the supposed hacker's page also contained what appeared to be usernames and passwords taken from websites of several Philippine government agencies and private firms.

"I will not decrypt the hash for you, unless you make contract with me," the hacker said.

Among the government sites listed in the hacker's page were:

- (Bangko Sentral ng Pilipinas)

- (Bureau of Agricultural Statistics)

- (Bureau of Customs)

- (Philippine Broadcasting Service)

Review of govt websites' security looms

On Tuesday, MalacaƱang said the security of government website may be reviewed soon, a day after a "Filipino" hacker group hinted at more attacks on Philippine government websites.

Presidential spokesman Edwin Lacierda indicated National Security Adviser Cesar Garcia is studying creating a task force to do the review.

Among the most recent attacks on government websites was the defacing last May 31 of the Department of Interior and Local Government's

Last Monday, a more "serious" group managed to hijack the site of the Philippine Nuclear Research Institute (PNRI).

The group, calling itself "Philker," redirecting visitors to the PNRI site to a separate website that bore a "warning" from the "Philker" group.

"We are not trying to damage you. We only want to help protect our country's cyberspace by doing what seems to be the most efficient way to get everyone's attention. May this deface serve as a reminder that you always have to look out for intruders. No matter how intelligent and competent your computer personnel are, there will be unethical hackers that are constantly working on breaking in your security," the hackers said in their
message in the redirected site.

Philker said that while it and online "thieves and terrorists" are "cut from the same cloth," its difference is that "we have good intentions."

It added it aims to elevate the Philippines' cyber culture and to "point out and correct the vulnerabilities of Philippine websites," to "protect them from unethical hackers, fraud, false propaganda and other people with malicious intent."

It also hinted at future break-ins of other sites, leaving behind a note similar to the international hacktivist group Anonymous.
— LBG, GMA News

Source: GMA News

Related News:
PHL gov't to assess website security in response to hacking
PHL hackers deface PNRI website, hint at more attacks

Talk Back
Please comment on this news article at our ROOTCON
Forum. We all learn from each other when your views and opinions are shared.

ROOTCON is managed by like minded InfoSec professionals across the Philippines.
All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.