The official website of the Philippine National Police Criminal Investigation and Detection Group (PNP-CIDG) got compromised with hackers filling it with multiple embedded malicious links.

In what appears to be an attack exploiting the outdated platform that the agency’s website is using, the culprits managed to insert more than 3,200 malicious links hidden below the PNP-CIDG homepage.

For a regular visitor, he wouldn’t know that the page has been compromised until he clicked anywhere on the huge empty blue space when you scroll down the website. The links can lead you to random malicious sites and may even download potentially harmful files to your computer without your knowledge.

This isn’t the first time that PNP-CIDG’s website has been compromised. Records from Zone-H show that their page has been defaced way back in 2014 by Cyber_Taregh, a hacker from Indonesia.  In 2008, this same website was also reportedly hacked but the authorities downplayed it by saying that it “used to be the official website of the CIDG but has been deactivated”. But this time, the agency won’t be able to deny that they own this page as its content has been updated since July of this year.

It’s just ironic to see that this page, with banners promoting cybersecurity awareness, kept on being hijacked. If the authorities are really serious about cybersecurity, they should really start internally.

As of this writing, we haven’t received any feedback as to who did this to PNP-CIDG but we have since reported this to 8888 for their IT personnel’s proper action. An email will be sent to their indicated webmaster as well. We’ll keep you all posted.

 

Fjordan Allego
Follow me

Related Posts:

By Fjordan Allego

Fjordan Allego aka Fjordz is an IT security practitioner in the Philippines. He maintains a couple of blogs where he shares his views on various topics that he finds interesting. A self-confessed introvert who's mostly active in social media, Fjordz also loves to travel and explore the wonders of the world.

One thought on “PNP-CIDG gets compromised; site filled with multiple malicious links”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.