Ghostshell takes credit for extensive hack of government, private websites

The hacktivist group Team Ghostshell took credit Monday for the release of 1.6 million accounts and records stolen from government and private organizations covering aerospace, law enforcement, the military, the defense industry and banking.

Among the organizations the group claimed to have stolen information included NASA's Center For Advanced Engineering, the Department of Homeland Security (DHS) Information Network, the FBI's Washington division in Seattle, the Federal Reserve and Interpol.

Taken from about 40 websites, the information is reported to have included usernames, email addresses, passwords, phone numbers, mailing lists, administrator account information and defense data.

The information was stored on the web in more than 140 uploads, and mirrored in multiple sites. The group listed on Pastebin URLs for the information, along with a lengthy rant on the operation they called ProjectWhiteFox.

Team Ghostshell, which is loosely connected to Anonymous, has claimed responsibility for several other major breaches this year. The group claims the latest hack is the last of the year.

Team Ghostshell said it would send an email warning some of the organizations of security weaknesses. "Forgot to mention that the email will also contain another 150 vulnerable servers from the Pentagon, NASA, DHS, Federal Reserve, Intelligence firms, L-3 CyberSecurity, JAXA (Japan Aerospace Exploration Agency), etc. consider it an early Christmas present from us," the group said on Pastebin.

[See also: Hacktivists have the enterprises' attention. Now what?]

Other organizations the group named as victims included The European Space Agency, the Credit Union National Association, intelligence firms Aquilent and Flashpoint Partners, DHS' cybersecurity information site ICS-CERT, Raytheon, L-3 Communications, General Dynamics, the California Manufacturers & Technology Association and the Texas Bankers Association.

The extent of the damage from the leak is unclear. The DHS did not respond to a request for comment. CUNA confirmed that its website had been hacked, but said no sensitive information was stolen. User information taken was e-mail addresses, phone numbers, titles and business addresses, as well as some encrypted password information from more than five years ago.

"We don't save any information about credit union members on our website," a spokesman said. "We're a trade association. We exist for the institutions that are credit unions, not the credit union members."

Team Ghostshell's largest hacks this year included the theft in July of hundreds of thousands of database records from about 40 websites, mostly in China. The organizations included banks, airports, hospitals, news outlets and research labs.

Three months later, Ghostshell claimed responsibility for breaking into more than 120,000 computers accounts of dozens of large universities worldwide, dumping student records onto the Internet. Some of the information was reportedly outdated or already publicly available.

Hacktivism, defacing or breaking into websites in the name of a political cause, was behind numerous attacks this year against government and corporate websites. Politics have become the prime motivator for dedicated denial of service attacks (DDoS) against websites, Arbor Networks said in a recent report.

Last week, Anonymous appeared to be preparing a DDoS attack against the website of the International Telecommunications Union, a United Nations agency holding a meeting of 190 governments to discuss political and commercial control of the Internet, according to one security expert.

In a YouTube video posted by the hacktivist collective, the meeting was said to be a threat to Internet freedom. Following minor outages last week, a major attack has yet to materialize.

Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.

Tags hacktivistapplicationsNASAGhostshellPastebinTeam GhostShellAnonymousDepartment of Homeland SecurityData Protection | MalwareinterpolDHSlegalsoftwaredata protectionfbicybercrime

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Sophos Mobile Control

Data protection, policy compliance and device control for mobile devices

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.