Stories
Slash Boxes
Comments

SoylentNews is people

Hacker Uploads Documents to WHO, UNESCO Websites

posted by Fnord666 on Tuesday September 29 2020, @07:49PM   Printer-friendly
from the brought-to-you-by-security-week...or-is-that-security-weak? dept.

upstart writes in with an IRC submission for carny:

Hacker Uploads Documents to WHO, UNESCO Websites:

A hacker has found a way to upload PDF files to the websites of several organizations, including the World Health Organization (WHO) and UNESCO.

The attack, first reported by Cyberwarzone.com, does not appear particularly sophisticated and its impact is likely low, but the same vulnerabilities could have been exploited by more advanced threat actors for more serious attacks.

The files were uploaded by a hacker who uses the online moniker m1gh7yh4ck3r. A search for "m1gh7yh4ck3r" on Google shows that in recent days they uploaded files to official websites of UNESCO, WHO, the Georgia Institute of Technology, and a Cuban government website.

Georgia Tech and the WHO have apparently removed the files uploaded by the hacker, but the files are still present on the UNESCO and the Cuban government websites at the time of writing.

Reached by SecurityWeek, UNESCO representatives said they will launch an investigation. The WHO and Georgia Tech did not immediately respond to our inquiry.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Hacker Uploads Documents to WHO, UNESCO Websites | Log In/Create an Account | Top | 12 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)

  • (Score: 2) by DECbot on Tuesday September 29 2020, @08:55PM (1 child)

    by DECbot (832) on Tuesday September 29 2020, @08:55PM (#1058767) Journal

    m1gh7yh4ck3r?
     
    Which possible American middle schooler might just have family beef against UNESCO, WHO, the Georgia Institute of Technology, and Cuba? I mean whatever did Georgia IoT ever do?

    --
    cats~$ sudo chown -R us /home/base

    • (Score: 2) by c0lo on Wednesday September 30 2020, @01:34AM

      by c0lo (156) on Wednesday September 30 2020, @01:34AM (#1058850) Journal

      I mean whatever did Georgia IoT ever do?

      Remember kids, the S in IoT stands for security (large grin)

      On a serious note, the m1gh7yh4ck3r may not even have specifically targeted the attack, likely he performed a scan for vulns and picked whatever sites happened to be found.

      A search for "m1gh7yh4ck3r" on Google shows that in recent days they uploaded files to official websites of UNESCO, WHO, the Georgia Institute of Technology, and a Cuban government website.

      Who knows how many other victims are there, too obscure for Google to index and for the journo to report.

      --
      https://www.youtube.com/watch?v=aoFiw2jMy-0

  • (Score: 2, Interesting) by Anonymous Coward on Tuesday September 29 2020, @08:55PM (5 children)

    by Anonymous Coward on Tuesday September 29 2020, @08:55PM (#1058768)

    Someone COMPLETELY forgot to investigate WHAT those PDF's contained?? oh right. No one does journalism anymore. Just sensationalist and unuseful information. Information =/= news.

    • (Score: 1) by crm114 on Tuesday September 29 2020, @09:18PM (4 children)

      by crm114 (8238) Subscriber Badge on Tuesday September 29 2020, @09:18PM (#1058775)

      Its an interesting question. PDFs can contain macros ... aka executable code.

      • (Score: 2) by MostCynical on Tuesday September 29 2020, @10:56PM

        by MostCynical (2589) on Tuesday September 29 2020, @10:56PM (#1058801) Journal

        maybe they were blank..

        (..and no one checked the meta-data)

        --
        "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex

      • (Score: 0) by Anonymous Coward on Tuesday September 29 2020, @10:56PM (1 child)

        by Anonymous Coward on Tuesday September 29 2020, @10:56PM (#1058802)

        Worse, they may contain the real facts of the UN's 'operations' and 'agenda'.
        But yes, the article does not state anything about the content. Too sensitive?

        • (Score: 2) by Runaway1956 on Tuesday September 29 2020, @11:29PM

          by Runaway1956 (2926) Subscriber Badge on Tuesday September 29 2020, @11:29PM (#1058808) Homepage Journal

          Gonna need a steganographer, or maybe a stegosaur, to get to the bottom of those PDFs.

          --
          Hail to the Nibbler in Chief.

      • (Score: 0) by Anonymous Coward on Wednesday September 30 2020, @01:04AM

        by Anonymous Coward on Wednesday September 30 2020, @01:04AM (#1058840)

        They can also contain actual executables.

  • (Score: 0) by Anonymous Coward on Tuesday September 29 2020, @11:56PM (3 children)

    by Anonymous Coward on Tuesday September 29 2020, @11:56PM (#1058811)

    @m1gh7yh4ck3r-leG SUPER@ $HACK INSTAGRAM ACCOUNT$ #202
    #[hack insta using our website #EASY] [NO
    Verification*Instant Access] #(HACK INSTAGRAM)
    @!! Updated: September 24,2020 !!@

    ( Online Users:67867 )

    Legit Way To Hack Instagram Accunt is a free tool that allows you to access
    and scrape your desired Instagram accountInstagram is one of the most
    popular social media apps today. People can share their own photos and
    videos, and find out what their family and friends are up to. Who doesn’t love
    photos of cute puppies? That being said, your Instagram account could be
    hacked by anyone at anytime. Below, we discuss why someone might hack an
    Instagram account, and how to hack Instagram without getting caught.

    About hack Instagram tool
    Hacking is an interesting activity. It is always great fun to hack Instagram
    accounts of friends. However, is it easy to hack Instagram password? It can
    surprise you that it is very easy to hack any Instagram account using this hack
    Instagram tool. Let us see the simple methods by which you can do so.
    Instahack can make hacking fun. In fact, it can be as easy and enjoying as
    having a roller coaster ride. One has to click on the ‘Start Hacking’ button and
    start your activity. All you need to know is the user name of the person’s
    whose account you wish to hack.
    Clicking on the ‘Start Hacking’ button opens up a new window. Enter the
    Instagram user name and click on the ‘Hack’ button. The system goes on to
    connect the Instagram servers and figures out the password for the account.

    ^LWhy Hack An Instagram Account?

    To See What Your Child Is Doing On Instagram
    With Instagram being one of the most popular social media apps among kids
    today, it’s no wonder parents want to keep an eye on their children’s use of it.
    Kids can be secretive, and often don’t share what they’re up to on Instagram
    with their parents. The only way for a parent to know what their child is up to
    on Instagram is to secretly access or hack their account. This is necessary to
    do, especially if the child is being targeted by predators and cyberbullies.

    To See If Your Spouse Is Instagram Cheating
    The world of social media has brought about a whole new way for those in
    relationships to cheat on their spouse. People use social media platforms, like
    Instagram, to privately message with their secret lovers undetected. It can be
    hard to gain access to these private messages unless you hack your spouse’’s
    Instagram account.

    To Keep An Eye On Your Employee
    Have that one employee who is constantly on their phone? Want to make sure
    your social media specialist is doing their job? Then, you might want to
    monitor their Instagram activity. However, there are much more efficient ways
    to monitor them without hacking like using a legit employee monitoring app.
    To Steal Your Personal Information
    We don’t condone hacking an account for malicious reasons, but wanted to
    make you aware of this one. All too often, you hear about people’s accounts
    getting hacked, and all their information being stolen. Information taken from
    accounts, like on Instagram, are used to steal peoples’ identities and finances.

    ^LAnyone could be a target of these criminal hackers, including you. instagram
    hack hack instagram how to hack instagram how to hack instagram account
    how to hack an instagram account hack instagram account how to hack
    someones instagram how to hack an hack Instagram online how to hack into
    someones instagram how to hack a instagram account free instagram
    followers hack no survey or download instagram follower hack apk instagram
    hack tools how to hack an instagram password how to hack instagram
    accounts instagram followers hack apps to hack instagram account

    ^L

    • (Score: 0) by Anonymous Coward on Wednesday September 30 2020, @12:51AM (2 children)

      by Anonymous Coward on Wednesday September 30 2020, @12:51AM (#1058831)

      is this for real?

      • (Score: 0) by Anonymous Coward on Wednesday September 30 2020, @01:37AM

        by Anonymous Coward on Wednesday September 30 2020, @01:37AM (#1058851)

        Use google search and see for yourself.

      • (Score: 0) by Anonymous Coward on Wednesday September 30 2020, @01:49AM

        by Anonymous Coward on Wednesday September 30 2020, @01:49AM (#1058854)

        No, I just made it up. /s

(1)