Threat Actors, H4CK4G0V STUDENTS Exposed DICT Security Flaws
The Deep Web Konek Team received a report early yesterday morning from a group known as “H4CK4G0V STUDENTS” about a defacement incident involving the Department of Information and Communications Technology (DICT).
According to the group’s statement, they accessed and defaced a DICT E-LGU (under the E-Gov) subdomain on May 27, 2025. The group emphasized that the breach was alarmingly easy due to exposed credentials and unpatched systems—further highlighting longstanding issues within the DICT.
Notably, this incident has been one of the targeted attacks aimed at the persistent rumors and controversies swirling around DICT employees since last March of this year. In their statement, “H4CK4G0V STUDENTS” described the defacement as a “final report card” on DICT’s cybersecurity practices under Secretary Henry Aguda’s brief tenure—insisting this was neither a ransomware attack nor a politically motivated act.
The defacement message also included a respectful mention of former Undersecretary Jeffrey Ian Dy, whom the group acknowledged as a rare example of competent cybersecurity leadership in the Philippine government.
Deep Web Konek immediately coordinated with relevant parties to confirm the incident and ensure its swift resolution. As of this writing, the compromised website is now under maintenance.
Screenshots of the actual email we received yesterday from the threat actors:
https://freeimage.host/i/3ptJbSf
https://freeimage.host/i/3ptd9N2
https://freeimage.host/i/3ptJp94
