There’s a ph(dot)gov website located at
canaman(dot)gov(dot)ph
which serves the region of Canaman in the Philippines. The homepage as it currently stands:
We heal diseases, imperfect world. War is declared against you [expletive deleted]
Whoever our Moroccan hacker is, they’re not particularly happy about ISIS from the looks of it (there’s also mention of racists, atheists and the corrupt further down the page but it’s clear who receives the bulk of the ire on this occasion). There appears to be nothing harmful to visitors of the page at time of writing – there is some obfuscated Javascript, but when pulled apart we’re left with code from a statistics counter.
Even so, anybody who had been planning to use the page should consider avoiding for the time being – even if the initial compromise isn’t harmful to visitors, someone can always come along afterwards and re-hack the site, alongside adding malicious files / exploits. Indeed, on Feb 23rd the site was hosting a banking phish, so who knows what’s happening behind the scenes.
We’ll update this entry as and when the site is patched up.
Christopher Boyd
