The hacker known as Davy Jones who hacked Top Sri Lankan websites, has come with another hacking attack. Today, he breached the United Nations High Commissioner for Refugees in Sri Lanka website .
UNHCR is the refugee agency of the United Nations. In Sri Lanka, UNHCR works to protect and assist people displaced by the conflict within the country - internally displaced people (IDPs) - as well as those returning to their homes in the north and east. UNHCR is also assisting Sri Lankan refugees returning from India and a small number of the asylum-seekers and refugees from other countries
The hacker has compromised the database server belong to UNHCR.lk and leaked the stolen data in the Pastebin(pastebin.com/5UaZ6XgB).
The dump contains the data from the table called 'admin login fail backup details' that contains password and email address.
The dump also contains the username and password of the administrator account. Even though the password of the admin is hashed with MD5, the password('admin') is very simple to Guess for a normal user also.
Recently, the hacker also claimed that he ddosed Colombo Stock Exchange(cse.lk) for few hours against corruption of Sri Lankan government.