Istana site hacking: Businessman and student questioned

[BuiKia]

One is an Institute of Technical Education (ITE) student, while the other is a middle-aged, small business entrepreneur.

Melvin Teo, 17, and Mr Delson Moo, 42, are the duo believed to have been questioned by the police last week over a recent alleged hacking of an Istana webpage, The Straits Times learnt yesterday.

On Tuesday, the police did not identify them but revealed that two suspects were involved in the Istana cyber intrusion, along with two others who allegedly hacked into the Prime Minister's Office (PMO) website on the same day - last Friday.

The two pairs are not connected to each other and did not act in concert but they had "exploited a vulnerability of those sites to display pages from other sources", according to the police.

 

[BuiKia]

 

[Narong Wongwan]

These 2 are patriotic heroes.
More of them should step up.

 

[YanDao]

Kudos to SDP!

 

[SockPuppet]

Kudos to SDP!

what is this about? You mean to say that there is a link?

 

[tonychat]

PAP ib in action again. why like to wayang and show this and that.

 

[singveld]

maybe hacker hack into their system, and through their IP, they attack the system.

 

[Suspicion]

ITE student gets probation for hacking into Istana website

The Straits Times Monday, Aug 04, 2014

Melvin Teo, 18, is the second person to be convicted of unauthorised use of a computer service by hacking into a government website.

He had admitted to one of four charges of gaining unauthorised access to the server that hosted the Istana webpage at about 12.45am on Nov 8. He did this after communicating with Delson Moo Hiang Kng, 43, who was fined $8,000 on June 5 for a similar cyber attack around the same time.

Get the full story from The Straits Times.

Teen admits hacking Istana site for 'a joke'

By Elena Chong

A student has admitted hacking into the Istana's website in what he claimed was a "harmless joke". Melvin Teo Boon Wei yesterday became the second person to be convicted of unauthorised use of a computer service by hacking into a government website.

The Institute of Technical Education (ITE) College Central student carried out a cross site scripting (XSS) attack on the portal on Nov 8 last year after communicating with Delson Moo Hiang Kng, 43, who was fined $8,000 on June 5 for a similar cyber attack around the same time.

The 18-year-old first-year Nitec electronics student admitted to one of four charges of gaining unauthorised access to the server that hosted the Istana webpage at about 12.45am on Nov 8.

He hacked into the site to display the phrase "Melvin Teo For The Win!" with two caricatures of himself and some Chinese characters.

The court heard that XSS attacks are performed by "injecting" a script into the Web application by exploiting a security vulnerability - in this case the Google search page embedded in the Istana website.

Instead of entering pure text search terms, Teo entered hypertext markup language (HTML) code that he had crafted.

Deputy Public Prosecutor Kumaresan Gohulabalan said Teo learnt about the vulnerability on the Istana website from other users on Facebook. At the time, XSS scripts that had been used to compromise the Google search page on the Prime Minister's Office (PMO) website were being disseminated on the Internet.

After the search function on the PMO website was disabled, Teo injected the modified script into the Istana website.

DPP Kumaresan said that although Teo's defacement did not cause any damage to the contents of the Istana server, it had inconvenienced the website operator as well as potential users.

"XSS attacks can be used for more pernicious purposes than just defacing Web applications," he said.

"Attackers can create pages that look identical to Web applications where victims enter confidential personal information and, subsequently, use XSS to steal this information - such acts would be a form of 'phishing'."

He argued it was in the public interest to ensure cyber security and public confidence.

Teo's lawyer V. Esvaran said his client did not realise the serious nature of the offence at the time. He was very contrite, remorseful, ashamed and regretted his folly.

"The accused's naivety and curiosity, coupled with the encouragement and influence of mature, older individuals and his belief that he was only causing a harmless joke, caused him to commit the offence," he said.

Community Court Judge Lim Keng Yeow called for a probation report on Aug 4.

The maximum penalty for the offence is a $10,000 fine and three years' jail.

[email protected]

 

[phouse3]

Poor guys. The WP has abandoned both of them. kee kee koo kee kee.

All of Delson Moo's write-ups on WP since after Lilian won PEBE have been removed from the internet.

 

[Leongsam]

The opposition parties are certainly full of shady characters.

Anyone who wants to replace upright and honorable PAP members with this bunch of hackers and crooks must be truly mad.

 

[Confuseous]

The "security" of the govt web sites is a big big joke.
When an ITE student and the average businessman can hack into them.