Lawrence Gimenez

Smartmatic Hacked by Kids

I just found out that the XSOX group has been arrested. It turns out, they’re just some kids who hacked Smartmatic. Kids.

Back in January 2022, I tried to warn everybody about this leak but only a few seemed to believe me. I have to take down my post back to private because of the backlash. After that week, I removed myself from any news about it.

Below is the excerpt.

Smartmatic Hacked

Edited on March 2, 2022

I changed the title to Smartmatic Hacked from Comelec Hacking Investigation. Because it seems that Smartmatic was the one that was hacked.

I believe this has been going on for over a month. And none of the concerned agencies in the Philippines gave a damn. The group has been posting a lot of leaks already.

It would be great if someone from the cybersecurity community can confirm this leak.

Update as of January 25

There seems to be a Facebook page called XSOX.Group that is currently leaking data and it seems that the Smartmatic servers are hacked

Recently a report from the Manila Bulletin indicated that the Comelec was hacked recently. NBI 2 days ago came out with a report stating that there was no hacking involved.

Curiously, I tried to investigate myself. I Googled several keywords until I spot my first clue. A cached link from RaidForums.

I signed up on RaidForums but the link is not visible to new users or members with low reputations. So instead I clicked on Google’s cache instead, you can open this link. Below is the screenshot:

Still, inside RaidForums, I searched for “Philippines” and found another data dump. This time it is from a popular grocery chain in the Philippines.

You can sign up freely on RaidForums if you want, it is free. But I don’t believe you won’t find any links to download the database dump since it is only available to members with huge reputations.

Conclusion

I’m not sure if the database dumps in RaidForums are legit but it certainly looked like one. I wonder if both NBI Cybersecurity Team or DICT found this forum.

It took me no less than 20 minutes for this investigation.

This was their first Facebook post I guess.

I forgot what Philippine agency I messaged on Messenger, but I was only “seen”. I did not get any reply. I believed I also sent a message to the group but deleted it right away because I was scared of the magnitude of this incident.

It sucks I was only able to grab a couple of screenshots of the whole ordeal.

I feel safe posting this now since my hunch was validated by their arrests. It was great to be somewhat part of this history, something I will tell my grandkids someday. Anyway, kudos to the Philippines cybercrime agencies working behind the scenes to get those scums arrested.