The Philippine government portal with website address at www.gov.ph was hacked earlier today due to misconfiguration. The hackers breached the security of the server and added content on the website.
The hacker group published an unauthorized page to tell people that they have successfully hacked the Philippine government website. Recently, amid the pandemic, Pinoy Grey hat hackers were detected to be actively attacking sites to look for vulnerabilities. Phantom Troupe a well-known grey hat in the security industry who claimed responsibility of the hack also breached schools and universities and informed the school administrators about the weaknesses in their systems.
What you will see now if you go to www.gov.ph could be a hacked content, users are advised to take precaution when clicking or reading posts in the government portal as the hackers also posted on social media a screencap of what looks like the admin dashboard of the Philippine government portal.
The hacked content was already removed as of this posting.
What is a hacked content?
According to Google's Help Center, Hacked content is any content placed on your site without your permission as a result of vulnerabilities in your site’s security.
Some examples of hacking include:
Injected content
When hackers gain access to your website, they might try to inject malicious content into existing pages on your site. This often takes the form of malicious JavaScript injected directly into the site, or into iframes.
Added content
Sometimes, due to security flaws, hackers are able to add new pages to your site that contain spammy or malicious content. These pages are often meant to manipulate search engines. Your existing pages might not show signs of hacking, but these newly-created pages could harm your site’s visitors or your performance in search results.
Hidden content
Hackers might also try to subtly manipulate existing pages on your site. Their goal is to add content to your site that search engines can see but which may be harder for you and your users to spot. This can involve adding hidden links or hidden text to a page by using CSS or HTML, or it can involve more complex changes like cloaking.
Redirects
Hackers might inject malicious code to your website that redirects some users to harmful or spammy pages. The kind of redirect sometimes depends on referrer, user-agent, or device. For example, clicking a URL in Google search results could redirect you to a suspicious page, but there is no redirect when you visit the same URL directly from a browser.