November 23, 2016
Shad0wS3C leader Gh0s7 has managed to hack another website, this time belonging to Instituto de la Función Registral del Estado México (also known as IFREM).
Gh0s7 told us that he discovered a vulnerability in their server that allowed him to get the main database file, which includes sensitive information such user data, passport details, and other personal information that was exposed in the breach.
The hacker explains that he didn’t hack the website for hacktivism, but to show the world that his team Shad0w Security (Shad0wS3C) is back in business.
“I didn’t do this for hacktivism purpose but to show that my team is back and more will be coming soon. we are now a hacking team,” he told us, suggesting that more breaches are likely to be announced in the coming days.
Additionally, Gh0s7 told us that he didn’t report the problem to the site’s admin because “the government doesn’t have a bug bounty program,” but we’re pretty sure that the attack would be investigated now that details went public.
The first time the hacker managed to breach the website was in September, but he only now managed to get their entire database, so for some reason, IFREM failed to increase their website security and prevent further hacks.