silversurfer

A hacker has found a way to upload PDF files to the websites of several organizations, including the World Health Organization (WHO) and UNESCO.

The attack, first reported by Cyberwarzone.com, does not appear particularly sophisticated and its impact is likely low, but the same vulnerabilities could have been exploited by more advanced threat actors for more serious attacks.

The files were uploaded by a hacker who uses the online moniker m1gh7yh4ck3r. A search for “m1gh7yh4ck3r” on Google shows that in recent days they uploaded files to official websites of UNESCO, WHO, the Georgia Institute of Technology, and a Cuban government website.

Georgia Tech and the WHO have apparently removed the files uploaded by the hacker, but the files are still present on the UNESCO and the Cuban government websites at the time of writing.

Reached by SecurityWeek, UNESCO representatives said they will launch an investigation. The WHO and Georgia Tech did not immediately respond to our inquiry.

The PDF files uploaded by the hacker are related to online game hacks and hacking Facebook and Instagram accounts. The documents contain links that point to various hacking services and tools. These services and tools appear to be fake and they lead users to various types of scammy websites.
 

Andy Ful

Shortly:
The uploads that happened to the chhs server [the impacted GA Tech server] are an example of an attack on misconfigured websites that has seen an uptick in popularity in the past few months. This kind of website spam attack is somewhat unusual, as it doesn't depend on weak credentials, nor upon outdated software. It depends, instead, on the specific configurations of CMSs and their form-related plug-ins/modules (OWASP top 10 category "Security Misconfiguration"). For this reason, this kind of issue is not easily scanned for with most existing commercial vulnerability scanners. We have attempted to address the problem through education and monitoring,

There are so many misconfigured websites ....:(
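
Added example, not part of the posts above or of any affected site's tooling: one way to do the monitoring mentioned in the quoted statement is to sweep a CMS form-upload directory for PDFs whose link annotations point off-site, which is the shape of the spam files described in the article. The function names, the allowlisted domain and the sample bytes are assumptions constructed for illustration.

```python
import os
import re
from urllib.parse import urlparse

# Link annotations in a PDF carry their target as "/URI (http://...)".
# Assumption: the annotation is stored uncompressed; links inside compressed
# object streams are not visible to this regex.
URI_RE = re.compile(rb"/URI\s*\((.*?)\)", re.S)


def external_hosts(data, allowed_hosts):
    """Return the sorted link hosts in a PDF that are not on the allowlist."""
    hosts = set()
    for raw in URI_RE.findall(data):
        host = urlparse(raw.decode("latin-1").strip()).hostname
        if host and not any(host == a or host.endswith("." + a) for a in allowed_hosts):
            hosts.add(host)
    return sorted(hosts)


def audit_upload_dir(root, allowed_hosts):
    """Walk an upload directory; map each flagged PDF path to its off-site hosts."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                data = fh.read()
            # Trust the magic bytes, not the extension: uploads can be renamed.
            if not data.startswith(b"%PDF-"):
                continue
            hosts = external_hosts(data, allowed_hosts)
            if hosts:
                findings[path] = hosts
    return findings


# Constructed samples (not files from the incident).
SAMPLE_SPAM = (b"%PDF-1.4\n1 0 obj << /Type /Annot /Subtype /Link "
               b"/A << /S /URI /URI (http://free-hack.example.net/go) >> >> endobj\n%%EOF")
SAMPLE_OK = (b"%PDF-1.4\n1 0 obj << /A << /S /URI "
             b"/URI (https://www.university.example/forms) >> >> endobj\n%%EOF")

if __name__ == "__main__":
    print(external_hosts(SAMPLE_SPAM, ["university.example"]))
    print(external_hosts(SAMPLE_OK, ["university.example"]))
```

Run on a schedule against the directory the form plug-in writes to, this surfaces anonymous uploads that a version-based vulnerability scanner would not report, since nothing on the server is outdated.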
 