Black hat hackers attacks local websites using new Drupal exploit called Drupalgeddon2

Published April 21, 2018, 5:17 PM

by Francine Ciasico

By AJ Dumanhug

Multiple local websites were attacked by different black hat hackers on April 21, 2018, leading to the defacement and leakage of sensitive information on some websites.

In this Tuesday, Jan. 31, 2017 photo, a computer screen shows an archived copy of the Twitter feed belonging to Phineas Fisher, a hacker who claimed responsibility for breaching the union of the Mossos d'Esquadra, Catalonia's regional police, last year. Spanish police have arrested three people over a data breach linked to a series of dramatic intrusions at European spy software companies — feeding speculation that the net has closed on an online Robin Hood figure known as Phineas Fisher. (AP Photo/Raphael Satter) | Manila Bulletin
(AP Photo/Raphael Satter) | Manila Bulletin

The Drupal security team released patches on March 28, 2018 for CVE-2018–7600 also known as Drupalgeddon2, an unauthenticated remote code execution vulnerability in Drupal core. This vulnerability affects Drupal version 6, 7 and 8.

Secuna strongly recommends users to apply all critical patches and fixes that vendors provide for security issues as soon as possible. These patches will provide the strongest level of defense against any potential attacks like this one.

For more information, visit

Here are the list of Hacked Local Websites:

Government (Official Website of Laguna) (Department of Energy) (Department of Trade & Industry) (Philippine Statistics Authority) (Bottom-up Budgeting of the Government) (Regional Human Rights Commission of ARMM) (Department of Education) (National Meat Inspection Service) (Department of Education in Cordillera Administrative Region) (Provincial Government of Laguna) (Small Business Corporation a government financial institution) (National Library of the Philippines) (Overseas Workers Welface Administration) (Quezon City Private Lying-in Clinics) (National Historical Commission of the Philippines) (Local Government of Milaor Camarines Sur) (Local Government of Sagnay Camarines Sur) (La Carlota City Water District)

Academe (Asia Pacific College) (University of the Philippines Diliman) (Technological Institute of the Philippines) (Koinonia Theological Seminary Foundation, Inc) (Philippine College of Occupational Medicine) (VMA Global College & Training Centers, Inc.) (University of Makati)

Private (Composite Technology, Inc.) (Flight and Simulator Training Academy, Inc.) (Filigrenasia) (SM Group) (Nameless) (AY Foundation, Inc.) (Ernest Logistics Coporation) (BuySellAds) (IdealVisa Consultancy Philippines) (Philippine Water Works Association) (LPM Construction Supply and Wood Center Corporation) (The Petshop) (iBuild Web Solutions)