#ProjectWhiteFox -Team GhostShell Hacked 1.6 Million Accounts of NASA, ESA, Pentagon & FBI
After the devastating "Project Blackstar" now the hacktivist group calling them selves "Team GhostShell" announced another big hack, where the hackers have targeted several big organizations. This round of cyber attack was going under the banner of #ProjectWhiteFox, in which GhostShell has posted log-in details of 1.6 million accounts they claim
are taken from a series of attacks on organizations including NASA, FBI, European Space Agency and Pentagon, as well as many companies that partner with these organizations. The Anonymous subsidiary group has posted the details on Pastebin, while describing the aim of the hack; as part of their #ProjectWhiteFox campaign to promote hacktivism and freedom of information on the internet. The hacker group claimed that the leaked information contained log-in names, passwords, email addresses, CV & several other sensitive information. In their release GhostShell said - "For those two factors we have prepared a juicy release of 1.6
million accounts/records from fields such as aerospace, nanotechnology,
banking, law, education, government, military, all kinds of wacky
companies & corporations working for the department of defense,
airlines and more."
GhostShell members also said that they have messaged security bosses about the
insecurity a number of organizations they targeted during attacks
throughout 2012, describing it as "an early Christmas present."
In a Pastebin file,
GhostShell features a list of 37 organizations and companies, including
The European Space Agency, NASA’s Engineers: Center for Advanced
Engineering, and a Defense Contractor for the Pentagon. GhostShell sets
itself apart from other hacktivist groups by targeting more than just
one company or organization, and then releasing the results of its
attack all at once. This set of hacks is spread out across 456 links,
many of which simply contain raw dump files uploaded to GitHub and mirrored on paste sites Slexy.org and PasteSite.com.
The uploaded files contain what appears to be user data that looks to
have been obtained from the servers of the various firms (likely via SQL injection). The entries include IP addresses, names, logins, email
addresses, passwords, phone numbers, and even home addresses. Email
accounts include the big three (Gmail, Hotmail, and Yahoo), as well as
many .gov accounts. There are also various documents and material
related to partnerships between companies and government bodies, as well
as sensitive information for the aforementioned industries.
Furthermore, the group says it has sent an email to the ICS-CERT
Security Operations Center, Homeland Security Information Network
(HSIN), Lessons Learned and Information Sharing (LLIS), the FBI’s
Washington Division and Seattle location, Flashpoint Intel Partners,
Raytheon, and NASA. In it, they say to have detailed “another 150
vulnerable servers from the Pentagon, NASA, DHS, Federal Reserve,
Intelligence firms, L-3 CyberSecurity, JAXA, etc.”
-Source (TNW)
