According to the portal Tengrinews.kz, the site of Maslikhat of Almaty was hacked today. Currently, the site is functioning normally, however, there are no comments or press releases from the site owner. Currently, the site is functioning normally, however, there are no comments or press releases from the site owner.
The specialists of TSARKA say that the site is functioning on CMS DLE version 9.х, as evidenced by the logo of this CMS (http://www.mga.kz/engine/skins/images/logos.jpg), inherent in the versions of this release. The service page of the site http://www.mga.kz/engine/ajax/updates.php also displays a message about the need to update the content management system. In addition, a copy of the CMS is unlicensed, as evidenced by the link in the template of the main page of the site, leading to the portal http://tutdlenet.ru/. Currently, version 11.2 is relevant, which indicates that site owners are disregarding information security issues, in particular, the need to constantly update third-party CMS and use licensed software, because unlicensed copies distributed through third-party portals often contain backdoors for subsequent unauthorized access to sites, as well as insufficient information security for an external resource.
According to a screenshot of the hacked site, the hacking was carried out by the ShadowTeam group. The specialists of TSARKA discovered that this group today also carried out a massive hacking of sites in the gov.kz zone, namely, the sites of the regional government agencies of North Kazakhstan District:
At all of these sites are currently on any action to eliminate the hacking is not performed. According to the experts of TSARKA, there is actually a hacking of the server on which all these sites are located - 22.214.171.124 (Kazakhtelecom JSC), including the site of Maslikhat of Almaty.