Suspects behind hacking of gov’t website nabbed

The National Bureau of Investigation (NBI) said Thursday it has arrested individuals allegedly behind the hacking of a government website, including a government employee.

NBI Director Jaime Santiago said their operatives arrested “NEWBIEXHACKER” in Tagaytay City on July 8 and retrieved a file that contained code-protected and sensitive information from the database of the Philippine Navy. 

“NEWBIEXHACKER” told the operatives that the data was sent to him by “HAXINJA,” who has the access code for the said data. 

Following this, a confidential informant contacted “HAXINJA” and agreed to collaborate with him. The NBI said “HAXINJA” confirmed that he has the passcode to access a Philippine Navy file and would give it during their meeting on July 16 in Cagayan de Oro City.

Authorities then conducted an entrapment operation and arrested “HAXINJA” after he gave access to the hacked file.

The NBI said the information was found to be strictly confidential and other files in the drive contain multiple documents and photos from the database of the Philippine Navy. 

Meanwhile, the agency also arrested another hacker “D4rkJ1n" in Quezon City. The NBI said he attempted to flee on a motorcycle taxi but was apprehended at the intersection of EDSA and Main Avenue, Cubao after a brief chase.

“May nahuli kami na tatlo. They are what we call Blood Sect International, BSI. Isang grupo sila na sila rin ang responsible, kung natatandaan niyo ‘yung 2016 Comelec hacking,” Santiago said in a press briefing. 

(We arrested three individuals. They are what we call BSI. They are responsible for the 2016 Comelec hacking.)

Santiago said that one of those arrested is an employee of the Philippine Navy.

However, he said he cannot disclose yet the employee’s name due to an ongoing investigation.

According to Philippine Navy spokesperson Commander John Percie Alcos, the employee has been with them for around two to three years.

“He was responsible for the detection of the first cyber attack and eventual protection of the system from any further intrusions,” Alcos told GMA News Online.

“I cannot disclose further details because there is still an ongoing investigation,” he added.

Alcos said the Navy has strengthened its cybersecurity.

According to the NBI, “HAXINJA” was presented for inquest proceedings for violations of the Cybercrime Prevention Act of 2012 and the Data Privacy Act of 2012. 

Meanwhile, “D4rkJ1n” was presented for inquest proceedings for violation of the Cybercrime Prevention Act and the Electronic Commerce Act of 2000.

According to John Consulta's report on "24 Oras," the leader of the Blood Sect Hackers said they performed a penetration test upon the request of a member who is a Philippine Navy personnel.

“Napag-usapan namin na siya pala ay nagdedevelop ng websites nila. Binigyan niya ako ng link at sinabing kung pwede kong i-pentest. Ako kampante na isa siyang miyembro ko, matagal na.

Agad agad kong naaccess ang hidden directories. Ito ay nireport ko agad sa kanya. Pagkatapos ko mareport sa kanya, hindi ko na alam kung binigay niya sa management kasi ang goal ko lang ay to help the government,” the Blood Sect Hackers leader said.

(He told me he was in charge of developing the Philippine Navy website. He gave me a link and asked if I could penetrate test it. I believed him because he was one of our long-time members. After I accessed the hidden directories, I immediately told him. I do not know if he relayed it to the management because my goal was to help the government.)

“Nagsisisi ako sa nagawa ko, pasensya sa mga damages, dahil 'di ko na-report yung involved ang website ng navy," the arrested Philippine Navy member said.

(I regret what I did. I am sorry for the damage because I did not report to the involvement of the navy website.)

He added that the hacking did not involve money.

The Philippine Navy said those involved would be held accountable. It said it would also strengthen the cybersecurity of their data. —Joahna Lei Casilao/AOL/NB, GMA Integrated News