Due to the conflict between the two countries, various cyberattacks between Russia and Ukraine have been carried out. However, this incident is in no way related to those cyberattacks. The hacker managed to break into the Regional Ministry of Health of Russia without complex techniques or methods.
Known by the nickname “Spielerkid89”, he was able to take control of a system belonging to the Regional Ministry of Health of Russia. He claimed that he did not do this with malicious intent. However, he gave an excellent example of how a government organization can be vulnerable due to poor security practices.
Russia, known for its destructive capabilities in the field of military and cyber defense, was vulnerable to something it would never have thought of. As the facts prove, Russia is preparing to disconnect from the global Internet.
The hacker chose to keep his personal identity anonymous. Spielerkid89 was running a series of scans for vulnerable IP addresses belonging to Russia. He used the Shodan search engine, which is widely used by attackers. He was able to find an open Virtual Network Computing (VNC) port where authentication was disabled.
VNC is widely used by people working remotely. Technically, VNC is used to access a work computer from home or anywhere else. Usually, it includes an authentication method that requires the user name and password set by the system administrator. Systems assigned specifically to employees are configured with VNC authentication, and their users are provided with credentials. As can be understood from the reports of the Russian ministry, it seems that there was no authentication on the VNC port detected by Spielerkid89. This led to full control over the system, where he could see the files and everything else on it.
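Whether a VNC server has authentication disabled is visible in the first bytes of its RFB handshake, which gives administrators a simple way to audit their own hosts. The sketch below is an added example, not code from the original report: it parses a captured server handshake (RFB 3.3, 3.7 or 3.8 layout per RFC 6143) and flags the case where security type "None" is offered. The function names and sample captures are constructed for illustration.

```python
import struct

# Security-type numbers defined by the RFB protocol (RFC 6143).
SEC_NAMES = {1: "None", 2: "VNC Authentication"}


def _reason(buf: bytes) -> str:
    """Decode the U32-length-prefixed reason a server sends when refusing."""
    if len(buf) < 4:
        raise ValueError("truncated failure reason")
    (n,) = struct.unpack(">I", buf[:4])
    return buf[4:4 + n].decode("utf-8", "replace")


def parse_rfb_handshake(data: bytes) -> dict:
    """Parse the server's ProtocolVersion plus security message. Assumes the
    client echoed the server's version, which decides the message layout."""
    if len(data) < 12 or data[:4] != b"RFB " or data[11:12] != b"\n":
        raise ValueError("not an RFB ProtocolVersion message")
    major, minor = int(data[4:7]), int(data[8:11])
    body = data[12:]
    if (major, minor) >= (3, 7):
        # 3.7 and later: U8 count, then one U8 per offered security type.
        if not body or len(body) < 1 + body[0]:
            raise ValueError("truncated security-type list")
        types = list(body[1:1 + body[0]])
        reason = _reason(body[1:]) if body[0] == 0 else None
    else:
        # 3.3: the server chooses one type and sends it as a U32.
        if len(body) < 4:
            raise ValueError("truncated security message")
        (chosen,) = struct.unpack(">I", body[:4])
        types = [chosen] if chosen else []
        reason = _reason(body[4:]) if chosen == 0 else None
    return {
        "version": f"{major}.{minor}",
        "types": [SEC_NAMES.get(t, f"type {t}") for t in types],
        "no_auth": 1 in types,  # "None" offered: session starts without credentials
        "refused": reason,      # set when the server rejected the connection
    }


# Constructed handshake captures for illustration (not from the incident).
SAMPLES = {
    "open": b"RFB 003.008\n" + bytes([1, 1]),
    "auth": b"RFB 003.008\n" + bytes([1, 2]),
    "legacy_open": b"RFB 003.003\n" + struct.pack(">I", 1),
    "refused": b"RFB 003.008\n\x00" + struct.pack(">I", 9) + b"Too many!",
}
```

A host whose handshake yields `no_auth` set to true should have VNC authentication enabled and should not be reachable from the Internet.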
“I was able to access people’s names, other IP addresses pointing to other computers on the network, and financial documents” – Spielerkid89
As proof of his attack, the hacker also released a screenshot.
A malicious hacker could take advantage of this flaw in any way he wanted, including deploying ransomware, moving laterally inside the network, stealing critical information, and even deploying malware.