Hack attack

Sun, 02/01/2015 - 12:09


by Alan Robles

On the morning of Saturday, January 31,  I discovered my site had a very unfamiliar front page. I didn't recall uploading it.

In fact it had been hacked.

It was the first time it had ever happened to Hot Manila, which came online in 2000. My only other direct experience with hackers was that year, when I became the first journalist to give details of the ILOVEYOU virus (it so happened I had been visiting some hacker forums the night before the virus was unleashed).

Saturday's attack was perpetrated by an alleged group expressing alleged outrage over the fact that President Benigno Aquino III had not been present at Villamor Air Base on Thursday when the bodies of 44 Special Action Force police commandos arrived. The hacker(s) replaced Hot Manila's index page with a message, complete with music piped in from YouTube, demanding "respect" and "justice" for the commandos who had died in combat. 

I was surprised: I never realized Hot Manila was so worthy of  attention from hackers. Was it because of my 15-year old story about hackers? My humor column on the Filipinos' lack of a satire gene? The jokes about Filipino English? Were they that bad?

It couldn't have been about anything I had written about the Villamor ceremony -- because I hadn't written anything about it. The only story I had done about the Mamasapano battle was a reconstruction of events based on available reports. At any rate, the hacker or hackers - they go by the name BloodSec International - had no personal messages for me, reprimanding me for my naughtiness or evil, or otherwise explaining why my site was singled out for attention.

When the Drupal programmer who had built the site examined it, he said it had been hacked through an exploit that had been publicized late last year. There was a login flaw that allowed vandals to plant shell scripts and let themselves in through a backdoor. In Hot Manila's case the exploit worked because the CMS hadn't been updated. The programmer cleaned up the site quickly and closed the backdoor, but I asked him to hold off immediately uploading the restored front page because I wanted visitors to see the hackers' work.

As the day developed I found out Hot Manila was far from being the only target for pseudo-patriotic vandalization. BloodSec also took down a whole clutch of government websites. So why was mine targeted? Perhaps it's because Hot Manila had two things in common with the others: first was the domain extension ".ph", Second was the backdoor vulnerability. I am guessing that the hackers ran a bot that searched for the vulnerability in all sites with the extension .ph - and mine got scooped up. It was somewhat ego deflating to consider my site was targeted merely because it was part of a crowd that happened to be exploit friendly. 

What can I say about BloodSec International? It's full of itself.  Their opening phrase "it has come to our attention" is a dead pscychological giveaway - intended to make whoever writes it feel important. Also it doesn't seem to be particular about these important things called "facts." To begin with, what we have is an Aquino administration, not a reign, for the simple reason that Aquino is a President, not a king. And, let me get this straight: BloodSec hacked all these sites to hold the president accountable for, among other things, being 10 minutes late to the necrological service? If you're going to get all twisted up about Filipinos being tardy, you might as well hack the entire archipelago. Also, the hackers seem to have overlooked the fact that Aquino stayed 12 hours with the families of the fallen.

BloodSec has been called a "hacktivist" group, but it they're activists, how do they lean? Liberal? Anarchist? Libertarian? Vandal? In a country rife with corruption and human rights abuses, BloodSec focuses on the President's no-show at the air base. Hey hackaloons, how about the Ampatuan massacre? Has your attention been called to that? Is touching that too dangerous for you kids? Well how about the abusive telcos and the crappy service they give? Oh wait, you probably wouldn't want to mess with them, they might track you down, right? Or how about staging an action specifically against the government clamping down on the Internet through the Cybercrime Law? Isn't that right up your alley? On second thought, hacking the Department of Justice or the National Bureau of Investigation might result in serious charges. Wouldn't want that would we. So just go for the low-lying fruit - in my case a small media website.

Of course, it's possible they also targeted my site because I dared to write something that wasn't part of the war chorus. Prior to the hack I DID post some tweets about Mamasapano. Just in case it was those tweets which got my site shoved into the pile of targets, well, here they are again, conveniently lined up in one page:

Jan 27: http://www.twitlonger.com/show/n_1ska0jd

The SAF were looking for trouble and they found it. They weren't exactly tourists or helpless civilians, they were fighting a battle which they apparently triggered and they lost. They ran out of plans, ammunition and backup. Direct the fury at the commanders and leaders responsible for this cockup: the ones who ordered it and sent elite units without any support, coordination, notification, contingency plans, alternative routes, rescue forces or extraction procedures. The ones who are now trying to distance themselves from this mess


Jan 28: http://www.twitlonger.com/show/n_1skamfv

To the bloodthirsty safe-in-Manila warriors shrieking for "all out war". Numerous governments tried that already. Many times. Over many years. All it produced was perpetual war. And death.

and this

Who signed the order that deployed the SAF on that Sunday operation?

and this

Who ordered the operation? Was the MILF told? Was the AFP informed? Were no arrangements made for support and backup?

Jan 29

dear Hard Left Hooligans, yr sympathy 4 police s touching. Tell me, do u also express the same grief for soldiers killed by the NPA?

and this: http://www.twitlonger.com/show/n_1skbnqm

Has anyone given credit and accolades to the members of the Coordinating Committee on the Cessation of Hostilities? If reports are true, they are also heroes. Armed with nothing more than the thin vests they were wearing, they plunged into the carnage of Mamasapano, and pleaded with the soldiers on either side to stop firing. Eventually their efforts paid off and the two sides disengaged. It's possible they helped avert the battle, bad enough as it was, from spinning out of control into a resumption of full-blown war.

Jan 30 http://www.twitlonger.com/show/n_1skc7c5

To the "blood and guts let's go to war wahoo" weenies: the SAF fought to the last round and probably didn't surrender. What makes you think the MILF will be different? You really think pounding them with artillery and airstrikes will make them roll over and see the error of their ways? Hint: We did that for decades; how did that turn out?
How about this scenario: the all-out war you are screaming for escalates all the way to Manila and some demented terrorist bomber blows your house and weenie ass up? Audience participation, right?



Add new comment