Back in November 2008, popular local classified ads site Sulit.com.ph was hacked. Members accessing the site at the time were surprised to see a parked domain instead. Rumors abound that whoever owns that Sedo account must have earned a lot, because the thousands of visitors of Sulit were redirected to that Sedo-parked site.
Last week, the company in charge of .ph domains in the country, aptly named DotPH, published on their site the results of their investigation into the Sulit.com.ph hacking incident.
In that juicy article reminiscent of ABS-CBN’s show SOCO: Scene of the Crime Operatives, DotPH identified the culprit as Alex Laguilles, a Legaspi City, Albay resident.
The full investigation results can be read here. A few excerpts:
At 9:24 p.m. on November 6, 2008, the hacker logged into the DotPH system and exploited a vulnerability on the website where the primary user of a domain account was changed to a new user.
After successfully logging in as the primary user of the Sulit domain, the hacker changed the site’s nameserver to the nameserver of his Sedo-parked site.
DotPH, however, has all these transaction logs and with the help of Sedo and the hacker’s internet service provider (ISP) Bayantel, the IP address and exact location of the hacker were identified.
When that same IP address range logged into DotPH and registered seven (7) new domains, it triggered an alarm and DotPH immediately checked who the owner of the account is. They discovered that the domains were created under the account of an Alex Laguilles from Gov. Forbes St., Legaspi City, Albay.
DotPH did not want to immediately confront Laguilles about the hacking incident but instead called him to inquire about the new domains he created. After the call, DotPH was convinced Laguilles owned the account used in the hacking incident.
Then, in true SOCO-like fashion, DotPH sent a spy operative to gain more information about the suspect. The operative took surveillance photos and interviewed key persons who would help them build a strong case against Laguilles.
In the end, DotPH believes they have found the guy.
The hacking incident took place on November 6, and by Monday the 10th we had already ID’ed the guy and found out where he operates from. It took us some more time to get the documentation needed to file a case, after which we handed all our evidence to NBI. Laguilles should be expecting a knock on his door any time soon.
Assuming Alex Laguilles was indeed the hacker, our question to him: sulit nga bang i-hack ang Sulit? (was hacking Sulit worth it?)