Xscyth3 of PureHackers breaches PUP school database

Perhaps, one of the wildest dreams of college students is to hack their school’s database and alter their grades according to their will. Of course, it’s illegal and we don’t encourage this kind of cheating (or any form of it, for that matter). However, in the latest security breach that we uncovered, a top Philippine university got compromised and the culprit behind it is claiming that he’s able to access the school’s database containing the students’ records including their grades.

Hacker Noigel Dust aka Xscyth3 managed to compromise a subdomain of Polytechnic University of the Philippines (PUP). He initially uploaded a readme.txt yesterday to probably test his access. It’s the hackers way of ‘owning’ their compromised websites. They vandalize it with their names, affiliated hacking groups and their messages. However, web administrators of PUP may have cleaned it up this morning as the path is no longer accessible. Xscyth3 then up the path RRB.php for the same purpose.

Students have started to flock to the hacker’s post. On the other hand, PUP has yet to release a statement about the breach. Their data protection officer is expected to contact the National Privacy Commision as this obviously involves personally identifiable information. We will keep this article updated as soon as we get new information.

As for the background of the hacker, Xscyth3 is currently affiliated with PureHackers, the same hacking group who compromised Frontrow yesterday. Based on his profile in cybercrime archive Zone-H, he has long records of compromised websites under his belt including the recent ones such as that of Laguna University and Department of Agriculture’s Bureau of Plant Industry Portal. Both defacements were recorded last July 18 and 17 respectively but are still up as of this writing.

• About
• Latest Posts

Follow me

Fjordan Allego

Fjordan Allego aka Fjordz is an IT security practitioner in the Philippines. He maintains a couple of blogs where he shares his views on various topics that he finds interesting. A self-confessed introvert who's mostly active in social media, Fjordz also loves to travel and explore the wonders of the world.

Follow me

Latest posts by Fjordan Allego (see all)

• Bulacan website hacked to host BDO phishing page - June 21, 2019
• How To Lower Your Home Insurance Cost - June 19, 2019
• Filipinos’ increasing senseofsecurity - June 15, 2019

Related Posts:

• PureHackers deface DepEd Antique’s website
• IT recruitment company hacked; applicants’ details uploaded online
• Hackers compromise websites of Philippine Army, AFPSLAI
• DILG-NCR’s CERT got hacked again
• Anonymous Sultan Kudarat defaces DepEd La Carlota
• InFamouz: New breed of hacker compromises websites, deploys patches after