A group of online hackers calling themselves Cyber TeamRox have breached several local websites over the past two days, including those of the Cambodian Navy, AEON Microfinance and Build Bright University.
In what appears to be a random selection of targets, a hacker with the group using the alias Harith101, has disrupted at least a dozen websites since Sunday. In some cases, visitors were greeted by a “Hacked by Hanrith101” message and were unable to enter the site.
Defence Ministry spokesman Chhum Socheath confirmed yesterday that the hackers had been able to access data within the Navy’s website but said the information was not sensitive.
“Now, the IT technical group had a meeting to track down these issues,” he said. “We are looking for the suspects.”
The Facebook page of Cyber TeamRox makes reference to hacking the sites of the Ministry of Tourism and the National Institute of Social Affairs.
Contacted yesterday, the two government agencies did not report any hacking activity and the websites appeared to be functioning normally.
The Facebook page reveals little of the hacker group’s motives, but yesterday it reposted a video first published by the global hacker network Anonymous in September 2013.
The video was originally posted amid mass protests sparked by the disputed results of the election that July. It warned the Cambodian government that it had made an enemy of Anonymous after it had “disregarded the request of the people”.
At the time, the collective’s local branch, Anonymous Cambodia, had begun a hacking campaign that would see more than 30 government websites and private companies hacked.
Niklas Femerstrand, a Phnom Penh-based cyber-security and networking consultant, said yesterday that the latest threats from Cyber TeamRox were relatively unsophisticated and that the hacker group was most likely based outside of Cambodia.
“I don’t think they are targeting Cambodia in general, although they did make a reference to Anonymous Cambodia on their Facebook page, possibly after defacing a couple of simple targets and then attempting to blow it up,” he said.
According to Femerstrand, the group was likely using an automatic website defacement program that replaces a web page with its own image, but is an easy problem to fix.
“I don’t believe that they have programmed something impressive on their own. If anything, it’s just an interface for existing exploits [programs written to take advantage of known security vulnerabilities] that are available for download on the internet,” he added.
Although most of the affected websites had been restored by print time, the hack had left website hosts frustrated.
The website of the Artisans’ Association of Cambodia, which provides a portal for access to about 50 social enterprises, linking them to buyers overseas, was also a target of the attack.
“I have no idea why they would do this,” said association director Men Sinoeun.
Other victims of the attack declined to comment or could not be reached.
Cyber TeamRox did not respond to Facebook requests for comment yesterday.
Contact PhnomPenh Post for full articlePost Media Co Ltd
The Elements Condominium, Level 7
Hun Sen Boulevard
Phum Tuol Roka III
Sangkat Chak Angre Krom, Khan Meanchey
12353 Phnom Penh
Tel: +855(0) 23 888 161 / 162
Fax: +855(0) 23 214 318