Civil Aviation Authority of the Philippines website hacked

Screengrab of CAAP website from ABS-CBN News
Screengrab of CAAP website from ABS-CBN News

The Civil Aviation Authority of the Philippines (CAAP), was targeted by hackers yesterday who defaced the website with Chinese characters.

According to an analysis done by Nullforge, a local cyber security company, CAAP had several site vulnerabilities including:

  1. Outdated Joomla CMS v3.6.5 – current stable version is v3.8 – (lack or the absence of patch management
  2. There is a known zero-day exploit for Joomla CMS v3.6.5 circulating in the wild.
  3. There were several security violations that was spotted on the CAAP website that can been seen by any security searchers or skilled attackers. (Lack or the absence of vulnerability assessment and penetration testing)

CAAP is the government agency responsible for regulating aviation in the Philippines.

As of posting time, the site is under maintenance but searching the Philippines’ “Civil Aviation Authority” on Google will turn up with Chinese characters in the link to CAAP’s website.

Coconuts Manila reached out to CAAP for a statement on the hacking, but we have not received a response as of posting time.

According to Nullforge, this is the second time in two months the CAAP website has been hacked.

Several other government websites were previously hacked including the government’s censorship board (MTRCB) in 2016 and the website of the environment agency in 2012.

The most serious hacking incident happened in 2016 when hackers penetrated the election commission’s website and stole the data of over 55 million registered voters.

Subscribe to The Coconuts Podcast for top trending news and pop culture from Southeast Asia and Hong Kong every Friday!

Reader Interactions

Leave A Reply


Support local news and join a community of like-minded
“Coconauts” across Southeast Asia and Hong Kong.

Join Now
Coconuts TV
Our latest and greatest original videos
Subscribe on