A hacker named Megla Akash hacked the tourism subdomain of Davao City website. Megla Akash belongs to the Muslim hacking group Team_CC.
The tourism page under the domain of Davao City seemed to be running in WordPress which was possibly exploited by the hacker upon finding that it’s outdated. The hacker managed to insert malicious codes so it’s not recommended to visit the compromised site, especially that the IT administrators have yet to shut it down as of this writing.
Based on our initial analysis, the defaced website will redirect you to multiple suspicious pages. The embedded malicious javascript is associated to Cryxos trojans known for displaying “an alarming notification message saying that the user’s computer or web browser has been ‘blocked’ due to a virus infection and that their personal details are ‘being stolen’.”
The malicious javascript which was traced to report back to Ukraine has been widely used by hackers to spread malvertisements and has been documented being used in the wild since December 2017.
Team_CC also known as Team Cyber Commandos described their group as “a team formed by computer programmers and security researchers to show the world that Muslims can lead the world to a whole new level.”
According to Zone-H records, DavaoCity.gov.ph has already been defaced before. In 2010, a hacker nicknamed s4r4d0 breached the domain.
We will coordinate with the local government of Davao City to inform them of this security breach. As soon as we get feedback, we’ll update this article.
***UPDATES***
August 9, 2018 – We called 8888 to report this security incident. The report was filed under G20180809-526-2.
August 10, 2018 – We were contacted through phone by a personnel from Davao City. Per our conversation, they have already requested to take down the subdomain. Apparently, it’s being managed by a third party vendor.
August 14, 2018 – The filed ticket G20180809-526-2 has been closed. The subdomain remains inaccessible.
- PH releases first Super App ‘eGov PH’ - June 3, 2023
- Finding the Best Place for Repairs After a Car Accident - February 27, 2021
- ABS-CBN YouTube channels hacked by crypto scammers - November 4, 2020