Hacker Uploads Documents to WHO, UNESCO Websites

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,151
Content source
https://www.securityweek.com/hacker-uploads-documents-who-unesco-websites
A hacker has found a way to upload PDF files to the websites of several organizations, including the World Health Organization (WHO) and UNESCO.

The attack, first reported by Cyberwarzone.com, does not appear particularly sophisticated and its impact is likely low, but the same vulnerabilities could have been exploited by more advanced threat actors for more serious attacks.

The files were uploaded by a hacker who uses the online moniker m1gh7yh4ck3r. A search for “m1gh7yh4ck3r” on Google shows that in recent days they uploaded files to official websites of UNESCO, WHO, the Georgia Institute of Technology, and a Cuban government website.

Georgia Tech and the WHO have apparently removed the files uploaded by the hacker, but the files are still present on the UNESCO and the Cuban government websites at the time of writing.

Reached by SecurityWeek, UNESCO representatives said they will launch an investigation. The WHO and Georgia Tech did not immediately respond to our inquiry.

The PDF files uploaded by the hacker are related to online game hacks and hacking Facebook and Instagram accounts. The documents contain links that point to various hacking services and tools. These services and tools appear to be fake and they lead users to various types of scammy websites.
Click to expand...
www.securityweek.com

Hacker Uploads Documents to WHO, UNESCO Websites

A hacker has uploaded PDF files to the websites of several organizations, including the WHO and UNESCO
www.securityweek.com www.securityweek.com
 
  • Like
  • Wow
  • +Reputation
Reactions: Protomartyr, bayawak69, Andy Ful and 5 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,119
Shortly:
The uploads that happened to the chhs server [the impacted GA Tech server] are an example of an attack on misconfigured websites that has seen an uptick in popularity in the past few months. This kind of website spam attack is somewhat unusual, as it doesn't depend on weak credentials, nor upon outdated software. It depends, instead, on the specific configurations of CMSs and their form-related plug-ins/modules (OWASP top 10 category "Security Misconfiguration"). For this reason, this kind of issue is not easily scanned for with most existing commercial vulnerability scanners. We have attempted to address the problem though education and monitoring,

There are so many misconfigured websites ....:(
 
  • Like
Reactions: Protomartyr, silversurfer, ForgottenSeer 85179 and 2 others
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Applause
    • Like
Security News Hacker arrested for selling bank accounts of US, Canadian users
Replies
0
Views
994
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Applause
    • +Reputation
    • Like
Dutch hacker jailed for extortion, selling stolen data on RaidForums
Replies
0
Views
1,067
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
[correlate]
    • Like
    • +Reputation
    • Wow
Winter Vivern APT group uses unknown set of espionage campaigns to strike government and private entities
Replies
0
Views
366
News Archive
[correlate]
[correlate]

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top