A hacker named Megla Akash hacked the tourism subdomain of the Davao City website. Megla Akash belongs to the Muslim hacking group Team_CC.

The tourism page under the Davao City domain appeared to be running WordPress, which the hacker possibly exploited after finding that it was outdated. The hacker managed to insert malicious code, so visiting the compromised site is not recommended, especially since the IT administrators have yet to shut it down as of this writing.

Based on our initial analysis, the defaced website redirects visitors to multiple suspicious pages. The embedded malicious JavaScript is associated with Cryxos trojans, known for displaying “an alarming notification message saying that the user’s computer or web browser has been ‘blocked’ due to a virus infection and that their personal details are ‘being stolen’.”

The malicious JavaScript, which was traced to report back to Ukraine, has been widely used by hackers to spread malvertisements and has been documented in the wild since December 2017.

Team_CC, also known as Team Cyber Commandos, described their group as “a team formed by computer programmers and security researchers to show the world that Muslims can lead the world to a whole new level.”

According to Zone-H records, DavaoCity.gov.ph has already been defaced before. In 2010, a hacker nicknamed s4r4d0 breached the domain.

We will coordinate with the local government of Davao City to inform them of this security breach. As soon as we get feedback, we’ll update this article.

***UPDATES***

August 9, 2018 – We called 8888 to report this security incident. The report was filed under G20180809-526-2.

August 10, 2018 – We were contacted by phone by personnel from Davao City. Per our conversation, they have already requested that the subdomain be taken down. Apparently, it’s being managed by a third-party vendor.

August 14, 2018 – The filed ticket G20180809-526-2 has been closed. The subdomain remains inaccessible.

Fjordan Allego

Fjordan Allego aka Fjordz is an IT security practitioner in the Philippines. He maintains a couple of blogs where he shares his views on various topics that he finds interesting. A self-confessed introvert who's mostly active in social media, Fjordz also loves to travel and explore the wonders of the world.
