Three websites that belong to Venezuela government are recently hacked by Kapustkiy, a hacker who managed to access private databases which has sensitive information.
These three sites are estudiosydesatres.gob.ve, snv.gob.ve, and sunaval.gob.ve, all of which belong to various departments of the Venezuelan government. These websites contain vulnerabilities which are exploited by the white hacker Kapustkiy.
In a statement provided to the Softpedia earlier, Kapustkiy said that the cyberattack was launched in protest to the dictatorship of president Nicolas Maduro. This is the second time he hacked Venezuelan government websites with that intention in mind.
“I am against dictatorship of Nicolas Maduro on the Venezuela. I am tired of seeing, Nicolas Maduro running as president. It is time to leave, you m******r,” reads a message that was included in a database dump.
Kapustkiy is a part of New World Hackers. He revealed that he managed to breach one of the websites using a Local File Inclusion (LFI) vulnerability it’s database, while he hacked the other two using typical SQLi exploit.
A database dump that was provided to us included what seem to be emails, names, phone numbers, and passwords (hashed) belonging to several individuals. While we can’t tell how critical these details are(yet), they all seem to be private information and none of the exposed emails are found online.
At the time of writing this article, all websites are still running fine, and it’s not yet clear if authorities in Venezuela are aware of the breach. The attempts to contact the Venezuelan government and several individuals made by the Softpedia regarding this topic ended up with no response, which is probably an indication that site administrators aren’t very keen on patching vulnerabilities exposing user data.