Sri Lanka govt Web sites hit in spate of attacks

Hacker Davy Jones breaches government sites, including that of Sri Lanka Port Authority site, Bureau of Foreign Employment, and those of two local TV stations.
Written by Ellyne Phneah, Contributor

A hacker on Tuesday breached the Web site of Sri Lanka Port Authority (SLPA), and also attacked and leaked the Web sites of two Sri Lankan TV channels and the Bureau of Foreign Employment over the last weekend.

According to E Hacking News on Tuesday, the main page had not been defaced, but instead, a Web page with a path to the "admin" folder was uploaded. SLPA is a government agency in charge of the development and maintenance of all commercial ports in Sri Lanka.

The defacement page uploaded to the Sri Lanka Ports Authority "admin" folder. (Credit: E Hacking News)

The defacement page read: "You have been hacked by Davy Jones. We are always here to give boots to asses!"

Other sites hacked, leaked on pastebin

Over the weekend, the same hacker breached the Web sites of two Sri Lankan TV Channels, Rupavahini TV and One SriLanka, and the Bureau of Foreign Employment site, according to a separate report on E Hacking News.

Davy Jones claimed that he had hacked Rupavahini TV channel's database server and leaked it in a pastebin post. The paste had contained database details and credentials stolen from the target server, including administrator username, e-mail Ids, and password hash with salt.

He also said that he hacked the Web site of One SriLanka, extracting data with 1,000 e-mail IDs and passwords, in a separate pastebin post. The paste also included a mediafire download link that contains the dump comprised from the One SriLanka TV Web site.

Last week, Davy Jones also hacked into the Sri Lanka Bureau of Foreign Employment's Web site, and leaked the database on pastebin in a similar manner, with the leak containing log-in credentials, including admin IDs and passwords.

These are the latest in a spate of cyberattacks against Sri Lankan Web sites. Last week, the official Web site of Sri Lanka Media Center for National Security (MCNS) had been hacked and defaced by a hacker calling himself Game Over, as reported by news site ColomboPage. He had redirected the Web site to another site and gained access to the servers, taking away and leaking hundreds of log-in information details of site users.

Editorial standards