Indonesian Army Site Attacked By Hackers, Advertised Shoes To Iphone Chargers
JAKARTA - Hacking was experienced by one of the official websites belonging to the Indonesian Army (TNI AD). The website belongs to the Directorate of Army Engineers (Ditzitad).
The Engineer Division is known for its military technical duties and functions both in the base area and in combat.
The hacker targeted a subdomain with the address http://ditzi-tniad.mil.id. On this site is written "Mr.Kro0oz.305".
Evidence of the attack was uploaded on October 18, 2021 on Zone-H.org, a web portal used by defacers, hackers who change the appearance of a web home page to showcase their work.
The defaced URL address listed is http://ditzi-tniad.mil.id/wh.html, but this link when accessed does not display anything. It appears that the subdomain has been taken offline by the web administrator.
When the incident occurred, the face of the website was added by the hacker an image file of a hacker wearing a black hoodie sitting facing a PC screen.
“Hacked by Mr. Kro0oz.305. It's all about change!!," wrote the hackers reported by Cyberthreat.id, Thursday, October 28.
If you search for subdomain addresses on Google or DuckDuckGo search engines, strange search results appear, namely advertisements for a number of commercial products, such as tennis shoes, power supplies for PC gaming, USB, iPhone chargers, bicycle lights, leather jackets, and others. Apparently, hackers took advantage of a vulnerability in the website to install HTML ads for a number of products.
If you look at Google cache, the hack appears to have occurred last September based on an ad “USB C cable” displayed on September 28 at 12:37, as below:
It is not yet clear whether the defacement attack on October 18 with the ad upload was carried out by the same hacker.
The traces of this one hacker are indeed not difficult to find on the Google search engine. He has been haphazardly hacking Indonesian government websites.
On the Zone-H portal, he is recorded to have carried out 54,794 attacks with 15,143 single IPs and 39,651 mass defacements (click to see all defafements on that IP).