NBI presents hackers behind gov’t website attacks

HACKERS. National Bureau of Investigation Director Jaime Santiago and Navy officials present hackers behind the series of cyberattacks on government online resources, at a press conference in Manila on Thursday (July 18, 2024). They were arrested in operations in Tagaytay, Cavite; Quezon City; and Makati City last week. (Photo courtesy of NBI)

By Benjamin Pulta, Philippine News Agency

MANILA – Government investigators on Thursday presented three persons behind a series of cyberattacks on government online resources, including the Philippine Navy’s database.

In a press conference, the National Bureau of Investigation (NBI) said the three, identified by their internet handles “Newbiexhacker,” “Haxinja,” and “D4rkJ1n,” were arrested in operations in Tagaytay, Cavite; Quezon City; and Makati City last week.

NBI Director Jaime Santiago said after Newbiexhacker’s arrest in Tagaytay on July 8, 2024, he yielded a file that was code-protected and contained sensitive information that was stolen from the database of the Philippine Navy.

Newbiexhacker said the data was sent to him by Haxinja, who also has the access code for the said data.

The NBI-Cybercrime Division (NBI-CCD) contacted Haxinja who confirmed that he has in his possession the passcode to access a Philippine Navy file.

Undercover agents launched entrapments which resulted in the arrest of Haxinja after he gave access to the hacked file, which was confirmed to be a strictly confidential document.

Other files in the flash drive of the suspect also contained multiple documents and photos taken from the database of the Philippine Navy.

Santiago said the third hacker, “D4rkJ1n,” was arrested in Cubao, Quezon City by CCD operatives.

Haxinja was presented for inquest proceedings for violation of Section 4(a)(1) and Section 5(ii) of Republic Act (RA) 10175 (Cybercrime Prevention Act of 2012) and Section 29 of RA 10173 (Data Privacy Act of 2012).

On the other hand, D4rkJ1n was presented for inquest proceedings for violation of Section (a)(5) of RA 10175 and Section 33(a) of RA 8792 (Electronic Commerce Act of 2000).

Meanwhile, Philippine Navy spokesperson Commander John Percie Alcos said the latest incident was different from one earlier reported but said the information contained was already widely available and included the movement of Navy sea-going assets in the West Philippine Sea.

“So let me say this that when we did the examination of the files that were hacked from our servers, and after validation, we found out that it is still different (from) the data or the information that we shared to you every Tuesday during the AFP press conferences. This can be considered as open source information already, but it dates back to 2022 and 2023, but it’s still different from the information that we shared with you every day,” Alcos told the media.

He said while it included data regarding the West Philippine Sea, it was just the disposition of vessels routinely reported by the Navy to the public.

“What is important here is that we know that the insider threat program of the AFP is working so that we can be devoid of security liabilities not only in the Defense department but also in national governments,” he said.