The official website of the Civil Aviation Authority of the Philippine (CAAP) has been defaced by hackers claiming to be ‘Anonymous-ghost’.

Instead of the usual CAAP announcements, the content of the website was replaced with foreign characters and a note saying, “You have been hacked!”

The site’s webmasters quickly removed the vandalized page and put the website under maintenance mode. However, the hack might have gone unnoticed for a while since Google has already picked up the foreign characters and displayed it in the search engine’s results page.

Google search result showing the defaced CAAP website.

Google search result showing the defaced CAAP website.

Several government websites have fallen to hackers for the past months including the massive hack of COMELEC’s voter database in 2016.

Based on the analysis of digital security website NullForge, the hack might have been the result of an outdated Joomla installation. There is a known security threat to version 3.6.5 of the CMS but the websmasters failed to upgrade to the latest stable version.

Nevertheless, no sensitive information was compromised in the attack according to CAAP spokesperson Eric Apolinario. He added that the website is now being migrated to a more secure platform and server.

Source 1, 2