PNP-CIDG gets compromised; site filled with multiple malicious links

The official website of the Philippine National Police Criminal Investigation and Detection Group (PNP-CIDG) got compromised with hackers filling it with multiple embedded malicious links.

In what appears to be an attack exploiting the outdated platform that the agency’s website is using, the culprits managed to insert more than 3,200 malicious links hidden below the PNP-CIDG homepage.

For a regular visitor, he wouldn’t know that the page has been compromised until he clicked anywhere on the huge empty blue space when you scroll down the website. The links can lead you to random malicious sites and may even download potentially harmful files to your computer without your knowledge.

This isn’t the first time that PNP-CIDG’s website has been compromised. Records from Zone-H show that their page has been defaced way back in 2014 by Cyber_Taregh, a hacker from Indonesia.  In 2008, this same website was also reportedly hacked but the authorities downplayed it by saying that it “used to be the official website of the CIDG but has been deactivated”. But this time, the agency won’t be able to deny that they own this page as its content has been updated since July of this year.

It’s just ironic to see that this page, with banners promoting cybersecurity awareness, kept on being hijacked. If the authorities are really serious about cybersecurity, they should really start internally.

As of this writing, we haven’t received any feedback as to who did this to PNP-CIDG but we have since reported this to 8888 for their IT personnel’s proper action. An email will be sent to their indicated webmaster as well. We’ll keep you all posted.

 

Fjordan Allego
Follow me
Latest posts by Fjordan Allego (see all)

Related Posts:

Trackbacks

  1. […] were also compromised by hackers: the Criminal Investigation and Detection Group (PNP-CIDG) in August, and Philippine National Police Foundation, Inc. (PNPFI) and Directorate for Personnel and Records […]

Speak Your Mind

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.