1/02/2012
MANILA, Philippines — A local hacking group which has affiliated itself with global hacktivist collective “Anonymous” welcomed the New Year by lighting a different kind of pyrotechnique: a string of government website defacements bearing its New Year message, with an accompanying musical score to boot.
The most prominent attack bore down on the Office of the Vice President (OVP), where the hacking group PrivateX replaced the landing page with its own, bearing its statement for the website administrator.
This is the third time the OVP website was targeted by hacking groups. In June, the OVP even denied having its website breached, saying it was merely moving to a new server.
Reports from users indicate that the hackers also embedded an mp3 file of Rico Blanco’s “Yugto” on the page, which played when the site was opened. A line from the song prominently says “lumiyab ka…” or “set yourself on fire” when roughly translated in English.
According to the hackers’ Facebook page, however, the embedded music was not meant to “taunt” the website administrator. “The Purpose of the Video in the deface page … [is] to point out that transferring to a paid hosting doesn’t mean that you are secured.”The group also reiterated that they did not alter anything on the OVP’s server, saying they merely redirected the default “index.php” file to a custom “index.html” file which they created.
The defaced page has since been taken down on Monday morning, as the website administrators appear to have deleted the “index.html” file uploaded by PrivateX hackers.
But the OVP website was just one of the websites hacked by the group on New Year’s Day. Upon cursory inspection, the group had broken into at least nine other websites, including the Philippine Nuclear Research Institute (PNRI) Website on New Year’s Eve.
More elaborate defacements
In its Facebook page, PrivateX announced that its #OpSecure 2012 “is on.” #OpSecure is often the tag used by local hacking groups when pertaining to their defacement activities, the aim of which, they claim, is to merely point out the lack of security protocols in these government websites.
Among the websites hacked into by the group include the Optical Media Board, the PNRI, the Senate Electoral Tribunal, the Commission on Appointments, the the Philippine Racing Commission, the website of Libon, Albay (), the website of Camiguin () and the website of Manaoag, Pangasinan.
Save for the website of Manaoag, all the websites redirect to a page containing the logo of the group as well as its message for the New Year.
“Months had passed when we first wired our sentiments and growing passion of concern to intensify the Information Security here in the Philippine,” its message began.
“Occupants of the west are still on the move and in no such time, Manila, will be the center of unethical activities in Asia,” it added.
The group said these “unethical occupants of the West” would be organizing a “legion that will nullify the entire Philippine Cyberspace.”
The group, however, did not specify if by “legion” it meant the international hacking group “Anonymous,” which is known for its ending statements that refer to itself as such.
PrivateX’s statement, however, ended with the same trademark Anonymous callout, which says: “We are Anonymous, We are legion, We don’t forgive, We don’t forget, United as one, Divided by zero, Expect us.”
Meanwhile, on the website of Manaoag, the group posted a fictitious news item, which contained an embedded flash video that is not playable.
*Ties with Anonymous
On its Facebook page, the group has placed a call of support for people to like a newly setup page called “Anonymous #OccupyPhilippines,” which appears to be a collective effort of various hacking groups to intensify Anonymous’s operations in the Philippines.
Put up only on December 28, administrators of the page had said that their mission is to “Spread to The World the Govt’s Secrets,” without elaborating on how it is going to do so.
Now that PrivateX had explicitly announced that it is aligning itself with the hacking group Anonymous, it remains to be seen what actions it will take that bear similarities to what the international group had done in the past, including breaking into government and corporate websites and releasing sensitive information to the public.
As of posting, local hacking groups have only carried out defacements on various government websites, which do very little in terms of illegally acquiring sensitive information, but do a lot in terms of damaging the government’s information security credibility.
Just recently, Anonymous claimed responsibility for stealing a massive amount of email address, credit card numbers and other sensitive customer information from global think-tank “Stratfor.”
In a statement on Pastebin.com late Thursday, members of Anonymous calling themselves “AntiSec” posted links to what the group said were 75,000 names, addresses, credit card numbers and passwords for Stratfor customers.
The group also posted links to what it said were 860,000 user names, email addresses and passwords for people who have registered on Stratfor’s website, which remained offline on Friday nearly a week after coming under attack.
Stratfor, in a statement on its Facebook page, said it “regrets the latest disclosure of information obtained illegally from the company’s data systems.”
“We want to assure our customers and friends this was not a new cyber attack but was instead a release of information obtained during the previous security breach,” it said.
“The latest disclosure included credit card information of paid subscribers and many email addresses of those who receive Stratfor’s free services,” the company said.
Anonymous earlier this week published what it said was Stratfor’s client list, which included members of the US armed services, law enforcement agencies, top security contractors and major technology firms.
At least one Philippine company was listed among the names of companies the group had published, although it remains to be seen whether the group will release all information it currently holds on these firms. — with a report from Reuters
Posted in: hacking,ovp,private x,Tech Blogs,Tech News
1 comments:
Admin, if not okay please remove!
Our facebook group “selfless” is spending this month spreading awareness on prostate cancer & research with a custom t-shirt design. Purchase proceeds will go to cancer.org, as listed on the shirt and shirt design.
www.teespring.com/prostate-cancer-research
Thanks
Post a Comment