If you’re a student at the University of Limpopo, you might have a difficult time accessing the institution’s website this morning.
The site has been taken over by a hacker, who originally replaced the front page with a white screen featuring the YouTube video for Trinidad James’s song ‘Just A Lil’ Thick (She Juicy)’. The song has in the meantime been changed to Phil Collins’s ‘Take a Look at Me Now’.
Underneath, there is text that reads “Your Security SUCKS get it fixed, scrap the website start over. You have been Rooted/shelled/Pwned/backdoored, Ces imbéciles universitaires ne peuvent pas obtenir un site web al tous, fous fous partout.”
The part in French roughly translates to “These academic fools cannot get a website at all, crazy crazy everywhere”.
This is the second time that the university’s website has been breached, and the hacker responsible told htxt.africa that the university hasn’t changed any of its website security since the last breach.
“Someone asked me if I went back to (the university’s website) to test their security upgrade after the first hack. So this morning I decided to try and breach them again – this time for a security test. They never fixed a thing since the hack,” the hacker told us.
He also explained that not only did the university fail to upgrade any part of its website, it even left some of the hacker’s tools on its server.
“They left all of my shells as-is (and) not tampered with and they hid their admin panel but I found how to access it again. All you have to do (is a simple hack trick) and (the) admin panel will pop up. I could re-upload their intranet folder, and I own their system now.”
The hacker was able to bring down the website because of lax security, which calls into question the standard of South Africa’s IT security.
The hacker behind today’s breach was also responsible for the downing of 14 South African websites last month.
Most recently, South Africa’s defence procurement firm Armscor suffered a website hack last week.
Its security also wasn’t up to scratch, as the hackers (different to the University of Limpopo hacker) managed to breach the site and access the Invoice and Settlement page through a simple SQL injection.
Speaking to HackRead, the person responsible said that the website had a good number of bugs and that it “allows anyone to open a settlement by simply using supplier ID without the password.” It also stands to reason that the hacker has information on exactly what was purchased and for what amount.
[Image – CC by 2.0/The Shifted Librarian]