Skip navigation

We receive new info about the servers of the House of Representatives of the Philippines. Holy cow! after we have informed the sysads of the House all he/she did was erased the html file uploaded by the hackers. The hackers, ISAW learned from an email, uploaded again the same html file in less than five minutes after it was erased. If you are lucky you can see a “the page cannot be displayed” error, this is the time when the sysad has successfully erased the file, but most of the time you can see the hackers page at http://www.congress.gov.ph/download/bids/rst.html

The DOST still has the most number of servers hacked among all the Philippine government agencies. Just yesterday PCARRD servers were breached by foreign hackers.

Go to http://environment.peza.gov.ph/phpbb/ and you will see that it is still hacked. I don’t know who to blame on this mess but we have informed them about it a long time ago.

Napocor’s vulnerability is more than two years old but the sysad failed to secure his/her system http://www.napocor.gov.ph/webnpc/main.htm

The hacker’s playground among the .gov.ph sites is PIDS, see http://webmail.pids.gov.ph/

Another DOST site was hacked last year, until now the hacked page is still there http://spu.mis.dost.gov.ph/modules.php?name=Contact_Us The hacker s3rgan has hacked more than 50 sites of the DOST most of them still up with his tag.

The forum of the North Luzon Growth Quadrangle Area under the office of the President was hacked last year, until now the hacked forum is still up and running. See http://www.northquad.gov.ph/forum/index.php?action=profile;u=592

AND IF THE WEBSITE OF THE COMMISSION ON ELECTIONS WOULD BE THE BASIS FOR THE SECURE ELECTIONS, THEN YOU MIGHT AS WELL USE PAPER DOORS AND CARDBOARD WINDOWS TO SECURE YOUR HOMES.

There are 12 more .gov.ph sites that are either vulnerable or already hacked as of Feb 17, 2007 at 7:30AM Manila Time. We will publish them as soon as we have informed the sysads.

More than 50 LGU’s under the National Computer Center are also vulnerable according to an info we received from Turkish hackers.

ISAW has no participation on the attacks committed on the above mentioned servers. We ONLY record those attacks and publish the non-sensitive ones. All sensitive info we receive from hackers are treated as confidential.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: