Multiple subdomains of the Department of Health (DOH) have been compromised by a hacker named Sanji. According to a report sent to Blogger Engineer, the culprit was also behind the defacement of these same DOH subdomains back in December 2018.
Among those that were hit are DOH’s Epidemiology Bureau, Health Facilities and Services Regulatory Bureau, Health Planning Division, and even their Information Technology Infrastructure and Security Division.
Back in December 2018, Anonymous Philippines posted proof of the attack on their Facebook Page. Sanji’s affiliation then was with Hawk Cyber Army. We’re not sure yet how this group is related to Anonymous Philippines and to Philippine CyberSecurity. What we do know is that Sanji, despite the confusion over his group affiliations, is the main person behind the attack.
Sanji seems to have been driven by the Dengvaxia reports back then, and was most likely prompted to hit back at DOH by the recent news of a measles outbreak believed to be caused by the Dengvaxia scare last year.
Blogger Engineer will have this coordinated with DOH.
***Update***
February 23, 2019: We tried contacting the DOH-ITISD Hotline but were unable to get hold of anyone. We sent an email instead and reported this security incident to 8888 under Reference #: G20190223-135-3.
February 24, 2019: EmzTV Official published a video showing how Sanji exploited the vulnerability found in the DOH website.