LTO.GOV.PH Website Hacked!

Posted by on Nov 21, 2007 in Uncategorized | 10 comments

The Land Transportation Office Philippines (LTO.gov.ph) gets hacked by a Turkish hacker named iSKORPiTX.

LTO hacked
(image courtesy of technogra.ph)

As of 8AM this morning, November 21, 2007, the Iskorpitx website hack message was still displayed.

Iskorpitx is notorious for hacking the most websites simultaneously.

Thought to be a 45-year-old Turkish man, Iskorpitx successfully hacked at least 21,549 sites at once (a tally is still being made-expect the final count to be much higher), defacing pages on all of them. His signature included a Turkish flag, his handle and country of origin, and several repetitions of the “f-word” next to the names of France, Greece, and Armanian – SecurityProNews

According to Stokia.com:

…the mass defacement appears to be related in some way to sites registered or hosted through godaddy or secureserver.net.

zone-h.org has text file that contains a list of the defaced sites at http://www.zone-h.org/defaced/list.txt. We have done a whois search on about 30 sites in the list. All show godaddy as the registrar.

The hack seems to have been done through a asp script that is automatically installed on all hosting customers accounts on these particular servers.

The mass defacement was placed in a sub directory on each site. /ssfm/isko.htm

At this time, I’m trying to reach LTO to inform them about the situation. I’ll keep you updated.

10 comments

  1. Mike Abundo
    21 Nov ’07

    Careful, dude. You know what this government does to whistleblowers.

  2. jozzua
    21 Nov ’07

    LOL. Nice one Mike.

  3. Roanne
    21 Nov ’07

    Whoa. Scary. :P Scarier than google bomb. Ha-ha!

  4. Peach
    21 Nov ’07

    Eeew! Real Scary! Hope he simply overlooks small time websites like mine which doesn’t even appear in traffic rank of Alexa! :)..Glad i didn’t get Godaddy as host!

  5. charlemagne
    21 Nov ’07

    saw this around 4am.. obvious na walang magawa sa shift hehehe… as of now mukhang back to normal na ulit..

    # Mike Abundo on November 21st, 2007 5:43 am

    Careful, dude. You know what this government does to whistleblowers. — no wonder wala nang silbato mga pulis ngayon =)

  6. jozzua
    22 Nov ’07

    Just an update, Ms. Google errr Ms. Apolo got in touch someone from government and informed them of what happened. Seems they have resolved it.

    Peach, GoDaddy came out with a statement that this was a Windows server vulnerability, and they have addressed the situation.

  7. arpeelazaro
    23 Nov ’07

    was this turkish hacker ever caught or penalized for the defacement?

  8. jozzua
    24 Nov ’07

    No, Arpee, I don’t think he was ever caught.

  9. soc
    3 Dec ’08

    hehehe..aus…

  10. RYAN
    16 Apr ’11

    MAGANDANG ARAW PO NAIS KO PO SANANG IPAG BIGAY ALAM SA INYO ANG NANGYARI PO SA AKIN KANINANG UMAGA MGA 9:30 SA ARANETA AVE. NANG AKO PO AY BANGGAIN NG ISANG TAXI, ANG AKING BIKE NA SINASAKYAN DAHIL NAG OVERTAKE PO SIYA SA ISA PANG SASAKYAN ANG PLATE #ZXE 302 PO ANG BUMANGGA SA AKIN NAG KAGALOS PO AKO SA KALIWAT KANANG BRASO AT SUGAT SA PAA AT PASA SA TAGILIRAN HINDI MAN LANG AKO TINULUNGANG TUMAYO BAGKOS HUMARUROT PA NG MABILIS PARA MAKAALIS SANA PO MABIGYAN ITO NG PANSIN

Trackbacks/Pingbacks

  1. Land Transportation Office Website Hacked by Turk - [...] Jozzua.com has more info on the Turkish hacker iSKORPiTX: Thought to be a 45-year-old Turkish man, Iskorpitx successfully hacked ...