The guys over at the NFC can’t really catch a break. The National Feedlot Corporation have had a lot of bad luck lately, but I guess when you get an RM250 Million dollar government loan when you’re wife is a Government minister–you’ve probably already had your fair share of good luck.
With the recent arrest of Rafizi Ramli, the up and coming PKR young gun–the SGP Cyber Army decided enough was enough.
Who is Rafizi you ask? He’s the guy who debated with Khairy in the UK, he’s the guy who spearheaded the attack against the NFC, he’s the guy revealing documents about George Kent and the LRT project, and he’s the guy proposing abolishing the ridiculously high taxes Malaysians pay for cars. Yeah–all of that comes from one guy–Rafizi, and right now he’s being charged under a law no one except Bankers give a crap about.
So with his recent arrest, some hackers in his defense–decided to go on offense, and they set their eyes clearly on a big target–no not Sharizat–but the NFC website, and boy did they hack it well.
Malaysiakini reported the NFC website hacked at 10:40am yesterday. The site remain hacked well into the evening, going down at about 8-9pm by my reckoning, and even then by merely disabling the IIS.
So how did the SGP cyber army do it? I’m not entirely sure, but what I do know is this:
1. The NFC Website runs on WordPress 3.3.1 (or should I say ‘ran’). That’s not the latest version. However, unless it’s a multi-site instance I don’t think there were any discovered vulnerabilities with WordPress 3.3.1. My blog isn’t up to date either.
2. The NFC website is hosted on Exabytes. A Malaysian hosting company (pretty good one at that)
3. Judging by the error message I receive now when visiting the site, it seems to be running on IIS (and hence Windows).
However, besides the obvious point of how they did it, what they did was equally entertaining:
Click here to view the google cache version of what the site looked like after it was hacked.
In case the Google cache isn’t working, then you download a snapshot I created of the Google Cache of the hacked NFC Malaysia Page.
Here’s a short preview: