Xscyth3 of PureHackers breaches PUP school database

Posted by at July 19, 2018 2 Comments

Perhaps, one of the wildest dreams of college students is to hack their school’s database and alter their grades according to their will. Of course, it’s illegal and we don’t encourage this kind of cheating (or any form of it, for that matter). However, in the latest security breach that we uncovered, a top Philippine university got compromised and the culprit behind it is claiming that he’s able to access the school’s database containing the students’ records including their grades.

Hacker Noigel Dust aka Xscyth3 managed to compromise a subdomain of Polytechnic University of the Philippines (PUP). He initially uploaded a readme.txt yesterday to probably test his access. It’s the hackers way of ‘owning’ their compromised websites. They vandalize it with their names, affiliated hacking groups and their messages. However, web administrators of PUP may have cleaned it up this morning as the path is no longer accessible. Xscyth3 then up the path RRB.php for the same purpose.

Students have started to flock to the hacker’s post. On the other hand, PUP has yet to release a statement about the breach. Their data protection officer is expected to contact the National Privacy Commision as this obviously involves personally identifiable information. We will keep this article updated as soon as we get new information.

As for the background of the hacker, Xscyth3 is currently affiliated with PureHackers, the same hacking group who compromised Frontrow yesterday. Based on his profile in cybercrime archive Zone-H, he has long records of compromised websites under his belt including the recent ones such as that of Laguna University and Department of Agriculture’s Bureau of Plant Industry Portal. Both defacements were recorded last July 18 and 17 respectively but are still up as of this writing.

Fjordan Allego
Follow me

Fjordan Allego

Fjordan Allego aka Fjordz is an IT security practitioner in the Philippines. He maintains a couple of blogs where he shares his views on various topics that he finds interesting. A self-confessed introvert who's mostly active in social media, Fjordz also loves to travel and explore the wonders of the world.
Fjordan Allego
Follow me

Latest posts by Fjordan Allego (see all)

Related Posts:

Filed Under: data privacy Internet Security News Tagged With:

Comments

  1. Crimson Fawkes says
    July 20, 2018 at 4:05 pm

    And they defaced lnu.edu.ph just now

    Reply

Trackbacks

  1. Boardwalk gets hacked again says:
    July 27, 2018 at 4:54 am

    […] penetrated this time anew by Xscyth3, the same hacker who also targetted the database of Polytechnic University of the Philippines […]

    Reply

Speak Your Mind

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.