E Hacking News [ EHN ] - The Best IT Security News

Showing posts with label Hackers News. Show all posts

Boolean Based SQL Injection vulnerability

Recently, The news about the Pakistani Google hack spread like a wildfire in the Internet. At the time, Top Level Pakistan Domains displayed the defacement page including Yahoo, MSN, HSBC, EBay,Paypal and more sites.

Today, khanisgr8, a hacker from Pakistan hacker collective called "TeamBlackHats" sent an email regarding the security breach. He explains how those websites got hacked by Turkish Hacker group "EBoz".

The day before yesterday we mentioned those hacked sites' dns records points to different free hosting site. Also we report that the site might be hacked using PKNIC vulnerability.

PKNIC is responsible for the administration of the .PK domain name space, including the operation of the DNS for the Root-Servers for .PK domains,
and registration and maintenance of all .PK domain names. PKNIC is operated as a self-supporting organization.

The hackers have claimed to have discovered a Boolean-based blind SQL injection, persistent cross site scripting, sensitive directory directory disclosure vulnerabilities in the official website of PKNIC.

They provide us the vulnerable link with POC to exploit it. Also they sent some data compromised using the vulnerability which contains database details, username and hashed password.

Xss vulnerability

He also provide the screenshot of the Cross site scripting vulnerability. When i tried to verify the XSS vulnerability, i just searched in google for the url and visit a PKNIC link. After visiting the link, i just saw a text "<script>alert("HACKED BY COde InjectOr")</script>". May be Code Injector team attempts to exploit the vulnerability.

"Apparently Google Pakistan has been defaced by a Turkish Hacker group 'Eboz' . It's still quite hard to believe that Google server has been hacked. They really need to put a lot of focus on their defenses because if one website got hacked that means every other websites can be hacked. " they said.

We have sent an email to PKNIC regarding the vulnerability and waiting for their response. We are not sure whether the vulnerability is fixed or not So we are not providing the vulnerable link here.

A hacker called as UR0B0R0X has managed to break into the Colombia Army website and steal the login credentials. He published the data in pastebin.

According to the dump, the data are compromised from different sub domains of mil.co which includes armada.mil.co,fac.mil.co,sanidadfuerzasmilitares.mil.co, reclutamiento.mil.co.

In the paste there are only few account details has been exposed. The full compromised data has been uploaded in few file sharing sites. There is a 20kb text file which contains 60+ entries in each database.The leaked data are email address and hashed password.

http://pastebin.com/KMBpjcpJ

The defaced page

The well-known hacker group Team root today come with interesting hack , they have hacked into the several Government websites of Burkina Faso which is a landlocked country in west Africa. Sounds like Teamr00t has lot of interested to hack the Government websites than other websites.

"Teamr00t Has Arrived!!! We are the voice for the suppressed people of the world, and we will show you the truth!"

The hacked Government sites includes Ministry of Defense, Ministry of Justice,Economic and Social Council,Ministry of Health, Ministry of Economy and Finance,High Council of Communication and more Top government sites hacked.

Hackers has posted their usual message to the Government "To the governments of the world,it is time you listened and acted upon what would benefit and help the people of your countries! It is now time for you to start listening to the voices of your nation and deal with the problems that are occurring every single day."

"Your people have the right to have their voices heard and you the government must listen to your nation. You cannot arrest, torture and lock up citizens, if you do not agree with their views, but must listen and act upon them. Everyone has the right to freedom of speech and your people must be allowed this freedom. Stop, listen and take action that will help benefit your nation!"

The full list of hacked sites :
http://www.defense.gov.bf/
http://www.justice.gov.bf/
http://www.ces.bf/
http://www.finances.gov.bf/
http://www.sante.gov.bf/
http://www.primature.gov.bf/
http://www.csc.bf/
http://www.gcob.gov.bf/
http://www.csi.bf/
http://www.information.gov.bf/
http://www.defense.gov.bf/
http://www.mines.gov.bf/
http://www.mid.gov.bf/
http://www.mje.gov.bf/
http://www.fonction-publique.gov.bf/
http://www.matd.gov.bf/
http://www.sggcm.gov.bf/
http://www.sig.gov.bf/
http://www.conseil-etat.gov.bf/
http://www.environnement.gov.bf/
http://www.massn.gov.bf/
http://www.mptic.gov.bf/
http://www.affaires-etrangeres.gov.bf/
http://www.mrsi.gov.bf/
http://www.cour-comptes.gov.bf/
http://www.cour-cassation.gov.bf/
http://www.justice.gov.bf/
http://www.conseil-constitutionnel.gov.bf/
http://www.ces.gov.bf/
http://www.presidencedufaso.gov.bf/
http://www.mpdh.gov.bf/
http://www.csi.bf/
http://www.agriculture.gov.bf/
http://www.mrp.gov.bf/
http://www.sggcm.gov.bf/
http://www.sante.gov.bf/
http://www.demo.gov.bf/templates
http://www.mhu.gov.bf/
http://www.matd.gov.bf/
http://www.action-sociale.gov.bf/
http://www.ces.gov.bf/
http://www.messrs.gov.bf/
http://www.culture.gov.bf/
http://www.meba.gov.bf/
http://www.environnement.gov.bf/
http://www.mjfpe.gov.bf/
http://www.sports.gov.bf/
http://www.gcob.gov.bf/
http://www.mpdh.gov.bf/
http://www.commerce.gov.bf/
http://www.mptic.gov.bf/
http://www.mess.gov.bf/

At the time of writing, All websites displays the defacement page. In case you are not able to see the defacement page, here is the mirror:
http://mirror-ma.com/archive/published=1

A Turkish hacker group called Eboz has hacked and defaced Pakistani high profile websites which includes Search Engine giant Google, Yahoo, Microsoft and Apple, Visa, HSBC, Coca Cola, Blogspot, Sony, HP, eBay and PayPal .

The hackers has defaced Google.pk, Google.com.pk, Yahoo.pk, Apple.pk, Microsoft.pk and 279 other sites in Pakistan

"My homies in a friend always there for me. Have not shot by me with every breath" The message posted by hackers reads(translated).

The list of sites hacked and defaced:
google.com.pk
microsoft.pk
biofreeze.com.pk
blackstone.pk
blogspot.pk
itunes.pk
gmails.pk
zynga.com.pk
chrome.com.pk
chrome.pk
visa.com.pk
bx.com.pk
abbvie.com.pk
abbvie.pk
cgma.pk
chacos.com.pk
cimacpa.pk
cisco.pk
ciscosystems.pk

blogspot.com.pk
cpacima.pk
cpaintl.pk
cpaldglobal.pk
cpalwglobal.pk
drivealliance.pk
eastman.biz.pk
eastman.net.pk
eastman.org.pk
ebay.pk
everyblock.pk
youtube.pk
3com.web.pk
hp.web.pk
revlon.pk
streetwear.pk
windows7.pk
windows8.pk
windowsrt.pk
yahoo.pk
yahoomaktoob.pk
zynga.pk
firstdirect.com.pk
flickr.pk
fordgofurther.pk
gbuzz.pk
gmailbuzz.pk
gmail.pk
googlebrowser.com.pk
google.pk
googlebuzz.pk
googlechrome.com.pk
abbviepharmaceuticals.pk
abbviepharmaceuticals.com.pk
hewlettpackard.pk
hexagon.com.pk
hsbcamanah.biz.pk
hotmail.com.pk
hpcloud.com.pk
hp.com.pk
hpscalene.com.pk
hsbc.biz.pk
hsbcadvance.com.pk
hsbc.pk
hsbcpremier.com.pk
hsbcprivatebank.biz.pk
hsbcamanah.com.pk
hsbcdirect.com.pk
hsbcnet.com.pk
hsbcpremier.biz.pk
hsbcpremier.pk
hsbcprivatebank.com.pk
investdirect.biz.pk
investdirect.com.pk
ipod.pk
jaiku.pk
kellyservices.com.pk
maktoob.pk
markmonitor.pk
microsoftsmartglass.com.pk
microsoftsmartglass.pk
xboxsmartglass.com.pk
xboxsmartglass.pk
msn.org.pk
windowsstore.pk
windowsstore.com.pk
opteron.com.pk
parkplaza.pk
paypal.pk
postini.pk
scalene.com.pk
schwab.biz.pk
schwab.com.pk
sonystyle.com.pk
streetwear.com.pk
theworldslocalbank.com.pk
genapp.pk
genapp.com.pk
generationapp.pk
generationapp.com.pk
windows.com.pk
windows7.com.pk
windows8.com.pk
3com.biz.pk
3com.fam.pkpk
bx.com.pk
abbvie.com.pk
abbvie.pk
cgma.pk
chacos.com.pk
cimacpa.pk
cisco.pk
ciscosystems.pk
cpacima.pk
cpaldglobal.pk
drivealliance.pk
eastman.net.pk
monatin.pk
youtube.pk
revlon.pk
windows7.pk
3com.net.pk
3com.org.pk
gchrome.com.pk
aicpacima.pk

Guess what?! The sites including Blogspot,paypal, fanta, Ebay, Msn.org.pk still displays the defacement page and we are not able to reach other sites.

It seems like hackers compromised the Pakistan's TLD operator PKNIC which administers and registers all .pk domains.

Hackers modified the DNS servers records such that it points to some other server, points to two nameservers, dns1.freehostia.com and dns2.freehostia.com

In case you are not able to see the defacement, you can see the Mirror of the defacement page here "zone-h.com/archive/notifier=KriptekS".

Few days back, Pakistani hackers has defaced the high profile Israeli websites which includes BBC, Bing, Intel, Live, MSN, CNN, Skype,Xbox .

The hackers from the Bangladesh Grey Hat Hackers collective have breached and defaced more than 20 Israeli websites.

“How's feeling guys? Remember our name? We are Bangladesh Grey Hat Hackers. We will make your life hell. You have no rights in the cyber space & in the world. You guys are nothing more than a cancerous tumor. We will hit you again & again & again.” The hacker said in the statement.

Last month, they hacked into more than 50 Israeli websites and defaced them with same message.

At the time of writing, most of the sites are not restored. The list of hacked sites has been listed here:
http://pastebin.com/zHhmPQDi

Shortly after the Anonymous activists declared cyber war on the Israeli websites, a Pakistani hacker group also came forward in support of GAZA and defaced lot of high profile Israeli websites.

The hack was made by hackers going by the names 1337, H4x0rL1f3, ZombiE_KsA, and Invectus.

"The Notorious Hackers are Back "The defacement message reads. "Your war on Gaza will make you cry blood and let the next few days prove that to you ! ...."

The affected sites includes MSN, Bing, Skype, XBOX, Intel, Live, CNN and more sites.

List of hacked sites , according to Zone-h :
www.skype.co.il
www.cnn.co.il
intelcore.co.il
www.msn.org.il
passport.org.il
www.microsoftstore.co.il
intelatom.co.il
www.opel.co.il
philips.co.il
bing.co.il
bbc.org.il
pantene.co.il
paypass.co.il
amazonunbox.co.il
windowslive.co.il
windows.co.il
www.nbcuni.co.il
citibank.co.il
xbox360.co.il
www.xboxfusion.co.il
cocacola.co.il
coke.co.il
www.xboxignite.co.il
www.intelappup.co.il
www.intel.co.il
live.co.il
solarwinds.co.il
live.org.il
www.msn.co.il

Mirror of the defacement can be found here:
http://www.zone-h.org/archive/notifier=1337

Meanwhile, the Israel Mastercard site is down(www.mastercard.co.il). It was reported by Anonymous hacker with twitter handle Anonymous_SA.

Nic.gp domain provider database leaked

A hacker called as Ur0b0r0x has made a claim that he gained access to One of the top Domain provider in Guadeloupe. Network Information Center(NIC.gp) is the provider of .gp, .com.gp, .net.gp, .info.gp domains .

"Network Information Center Guadeloupe nic.gp #Hacked #dataleaks @EHackerNews http://pastebin.com/gWdnzakx" The tweet sent to E hacking News reads.

In the paste, he has published few sample data and download link to a 168kb text file that contains the rest of the data.

The leak consists of 1271 account details that contain username, email address and phone number as well as surname. The dump also contains 1238 passwords in encrypted form.

After analyzing the list of data provided, we found that there is data belong to lot of high profile sites including Google, Yahoo and more sites, as they have registered the domain with nic.gp.

The list of high profile sites that has registered domain in this site : google.gp, yahoo.gp, twitter.gp, paypal.gp. Their data can be found in the leak.

We notified the NIC.gp regarding the hack and waiting for their response.

The anonymous hackers launched Distributed denial of service(DDOS) attack against Ukraine Bank website(bank.kiev.ua ). The attack was announced in twitter by hacker named 'LegionCr3w' .

"bank.kiev.ua/ TANGO DOWN! reason: corruption / election 2012 #OpUkraine"the tweet posted by hacker reads.

"Dear #corrupt #governments out there: We are Anonymous. We are your enemy. We will always fight. We will win. #Anonymous" another tweet reads.

At the time of writing ,we are not able to reach the site and downforeveryoneorjustme reports "It's not just you! http://www.bank.kiev.ua looks down from here. "

Besides DDOS attack, He has hacked into one of the Ukraine government website(dabi.gov.ua) few days back. The data stolen from the server was dumped in the pastebin.

http://pastebin.com/D37YwLp2

Argentina Government sites under ddos attack

The day after they sent a warning message to the Government, the Anonymous hackers has launched distributed denial of service(DDoS) attack against several Government websites.

Today, they have taken down the President of Argentina (www.presidencia.gov.ar) and Ministry of Economy and Finance of Argentina (www.mecon.gov.ar).

Other sites being targeted are Argentina Army and anses website. At present, we are able to reach www.ara.mil.ar and anses.gob.ar .

MEcon site displays "Error establishing a database connection" .

Hackers has breached the server belong to Provincial Directorate of Fisheries (DPP) (maa.gba.gov.ar). They have leaked the extracted data in pastebin that contains database name, username, plain-text passwords.

http://pastebin.com/5bam8kJm

Ministy of Science , technology and Innovation (www.mincyt.gob.ar) also got hacked and data has been dumped in pastebin. The dump contains username, hashed password.

Hackers leaked database from PAMI.ORG.AR that contains username, email address and some other information.

Anonymous Argentina targets the Argentina Government websites under the operation called "#OpArgentina8N". Today , they have sent a warning message to the government.

Hackers has listed their demands to the government in the message.

" The national government must comply with the law, respecting the basic principles of the Republican and democratic system. Framing all of their acts within the Constitution, respecting the separation of powers and freedom of expression." The first demand reads(translated).

The rest of the demands can be found here:
http://pastebin.com/LvJVy4rR

According to the hacker statement, they will start the attack on November 8(today).

As part of the operation, they have hacked into edeaweb.com.ar and dumped the stolen data. The dump contains 146 passwords and some other information.

*Update* AnonymousTjTeam has tweet that the Argentina Ministry of Defence(mindef.gov.ar) is down. At the time of writing, the site is still down.

The hacker n3m1s, once again hacked into one of the Albania Government website. Today he claimed to have breached the website belong to Probation Service of Albania(sherbimiproves.gov.al).

To demonstrated the fact that he breached the server , he has released some stolen from the server, it has been dumped in the pastebin.

http://pastebin.com/9RWrrxnq

The dump contains configuration details that includes database server , database name, database username and password information. Also it contains the admin username and password with the link to the admin panel.

From the paste, we are realized that the site is vulnerable to SQL Injection security flaw. He also has provided the vulnerable link.

*Update* Hacker has defaced the site by exploiting the vulnerability

Yesterday, he hacked into the Ministry of Economy, Trade and Enegry, Respublic of Albania and leaked sensitive information.

One of the famous Hacktivist collective known as Nullcrew, has break into the official website of Unesco Etxea and defaced it. unescoetxea.org is an internationally oriented NGOs working for the culture of peace, sustainable human development and human rights, at local and global levels.

When we try to visit the site, the hackers welcome us with a message 'welcome to the new front page of unescoetxea'. In the defacement page, a youtube video 'Ice Cube - Everything's Corrupt' is being played.

"You have been targeted by NullCrew, as part of the FuckTheSystem movement.
We have began the war, once again; but this time, good-luck even coming close to winning." The defacement message reads.

"The united nations, just a bunch of corrupt nations; united by one source of power.. And for that reason, we have came back; to repete the process.
Enjoy the candy."

Hackers has published some data compromised from the server in the defacement page itself. The data includes directory and file names, wordpress configuration and Blog user credentials.

The data provided in the 'wordpress config' section contains the database name, username and the database password as well as the DB Host address.

In the 'blog user credentials' section, there are only two entries that contain the username, password and email address.

At the time of preparing the news report, the website still displays the defacement page. The attack was announced via twitter about 19 hours ago. It seems like the admin is struggling to restore the site or not aware of the hack?!

Yesterday, they have also hacked into the official website of UK ministry of Defence via simple SQL injection vulnerability and dumped the data.

The hacker called as "UGBrazil" has managed to breach the server belong to Government of Anguilla (Gov.ai), Official website for government offices, includes links, phone numbers and addresses.

He has leaked the compromised database in pastehtml(pastehtml.com/view/chdzm6bny.txt) . The leak contains user id, password, email address, first name, last name details.

After further researcher , we have discovered that the database is already leaked by another hacker. In fact, the hacker has already cracked the passwords.

At that time, he has discovered multiple vulnerabilities in that government site including SQLi, XSS, and open ftp connection. The worst part is that the vulnerability is not yet fixed. It means that the admin didn't aware about the breach for 2 years.

Government of Venezuela hack

UGBrazil also defaced the official website of Government of Venezuela.(tibisay.seniat.gob.ve/produccion1/templates/beez/index.php). At that time of writing , the site still displays the defacement page.

The Hacker knonwn as LulzSec_Ecuador has breached various government and Army websites and defaced them.

"For Many this is an enemy Proclaimed revolutionary and liberal idea- this is a reality army. Pero . We are realistic Dreamer with Glasses " The translation of the message posted in the defacement page reads.

Three Army subdomains has been defaced by the hackers including INOCAR(inocar.mil.ec), Navy Planetarium(planetario.inocar.mil.ec), eimaga.inocar.mil.ec.


The defaced page

They have also defaced the official website of Governor of the Province of Guayas(goberguayas.gob.ec) and National committee ERFEN(erfen.gob.ec).

At the time of writing, All of the sites are not restored and still displays the defacement page created by hackers.

The Turkey branch of Anonymous hacker group has launched distributed denial of service attack and taken down the Turkey the National Judicial Network .

"5th of November - Turkey the National Judicial Network www.uyap.gov.tr and avukat.uyap.gov.tr Down #Anonymous #Op5Nov" They announced the attack in a tweet.

They have also defaced the official website of TCDD Foundation(tcddvakfi.org.tr) and posted "Remember remember 5th of November"

At the time of writing, the site is still down and displays "HTTP Error 503. The service is unavailable."

Anonymous hacker group has managed to break into the official website of Telecom Italy (www.telecomitalia.it) and steals more than 30,000 credentials. To demonstrate the fact that they hacked into the server ,they have leaked few data.

The leaked data includes four passwords, Social Security Numbers , Social Insurance Numbers.

According to AnonHackNews report, The site has XSS error and vulnerabilities that allow third parties to access the "htaccess" and other sensitive data. They've claimed that they will not publish sensitive information of individual users.

"This one can define a simple notice to show that you do not have appropriate security measures. In fact it is very simple appropriated credentials and social security numbers." Hackers said.

" As said before the data released are nothing compared to the data in our possession. About 30,000 stolen credentials (such data will not be published in this) ask for a review of your services otherwise expect updates! "

In a separate paste, they have posted the vulnerable link that has Cross-site Scripting (XSS) + Apache Error + Directory Listing vulnerability.

Anonymous pointed out that one of the password is 'name12345' and recommends users to change all passwords relating to possible account.

Multiple NBC Websites has been hacked today by a hacker named 'pyknic' in honor of Guy Fawkes Day, 5th November.

Hackers defaced the site with music and message from Anonymous hacktivists. In the message, the hackers claim to have exposed user information including passwords, but this has not yet been confirmed.

"REMEMBER, REMEMBER THE FIFTH OF NOVEMBER, THE GUNPOWDER TREASON AND PLOT. I KNOW OF NO REASON WHY THE GUNPOWDER TREASON SHOULD EVER BE FORGOT. REMEMBER, REMEMBER THE FIFTH OF NOVEMBER, THE GUNPOWDER TREASON AND PLOT. I KNOW OF NO REASON WHY THE GUNPOWDER TREASON SHOULD EVER BE FORGOT. REMEMBER, REMEMBER THE FIFTH OF NOVEMBER, THE GUNPOWDER TREASON AND PLOT. I KNOW OF NO REASON WHY THE GUNPOWDER TREASON SHOULD EVER BE FORGOT. REMEMBER, REMEMBER THE FIFTH OF NOVEMBER, THE GUNPOWDER TREASON AND PLOT. I KNOW OF NO REASON WHY THE GUNPOWDER TREASON SHOULD EVER BE FORGOT."

The list of affected sites includes NBC’s Saturday Night Live page, mobile main page(m.nbc.com), NBC Sports Rotoworld forums (forums.rotoworld.com),
NBC Extra(www.nbc.com/extras), NBC’s videos page
and its main show section.

At the time of writing, the NBC's sites are back to normal and it looks like they've gotten the situation under control.

Lady Gaga fansite "GagaDaily.com" also taken down by the same hacker.

Today, The Anonymous hacker with a handle 'Stun' has announced the leak of source code of VMware ESX server kernel in Twitter.

The hacker has uploaded a 1.89 Mb File in 1337x.org with a message that explains the reason for the attack.

"WILD LEAKY LEAK. FULL VMware ESX Server Kernel LEAKED
http://1337x.org/torrent/421062/VMware-ESX-Server-Kernel-LEAKED/ #Anonymous #AntiSec #SourcySleazySundays" Hacker tweet reads.

"Which VMware has succeed to ignore and continue producing on same level like it's buddy Symantec did. Bullshitting people and selling crap. But it's time for Anonymous finally to deliver." The anonymous said in the leak.

Inside the downloaded archive

"Ofc VMware will try to make like this Kernel is old and isn't used in its recent products. But thanks god, there is still such as thing as reverse engineering that will prove it's true destiny."

According to their press release, the leaked VMKernel is from between 1998 and 2004. But kernels don't change that much in programs, they get extended or adapted but some core functionality still stays the same.

Earlier this year, Anonymous Hacker with the name 'HardcoreCharle' leaked VMWare Source code. He claimed that the leaked code and associated commentary dates to the 2003 to 2004 timeframe.

We are not sure how stun compromised the source code but HardcoreCharle compromised by breaching the corporate network of the China National Electronics Import-Export Corporation (CEIEC), a Beijing-based firm.

We contact Stun regarding the previous source code leak. "ESX kernel not included...." He responded. But, when we asked how he got this file, he failed to respond. Anyone have the previous version leak?! If so, then please verify and do inform us.

Now a days, the number of ransomware attack is increasing. Usually, the ransomware claim that victim has violated the law and names law enforcement (such as the CIA or FBI) to scare victims. Then , it will ask user to pay some ransom for unlocking thier computer.

Interestingly, new ransomware has been discovered by the Swiss security blog Abuse.ch that names the Anonymous Hackers instead of law enforcement.

In a tweet, Researcher posted about the Ransomware " #Ransomware: "Your computer has been hacked by the Anonymous Hackers Group and locked for the moment." pic.twitter.com/cmcSA0gY"

The new ransomware displays the following message instead:

We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.

Tango down!

Your computer has been hacked by the Anonymous Hackers Group and locked for the moment. All files have been encrypted. You need to pay a ransom of £100 within 24 hours to restore the computer back to normal. If the ransom is not paid on time all the contents of your computer will be deleted and all your personal information such as your name, address, D.O.B., etc. will be published online, after this has been done the process, ram and motherboard will be fried. Any attempts to remove this virus will result in the consequences mentioned.

To unlock the computer, the ransomware ask user to pay the money through ukash. "When you pay the ransom your pc will get unlocked in 1 to 3 hours" The ransomware statement reads.

The strong reasons why it was not created by Anonymous:

Anonymous never harm Individual users(i believe), Anonymous is activist who hack governments not innocent users
Anonymous calls itself just "Anonymous" not "Anonymous Hackers Group."
Anonymous never concerned about money.
*"Tango down" is the word used for DDoS attack not for malware attack.

Anonymous hacktivisits has breached the server belong to Greek Finance Ministry and leaked classified documents. The cyber attack was described as one of the biggest hacker attacks against Greek Government.

The attack was reported by the local news site 'secnews.gr'. The leak contains e-mails and correspondence between the Ministry and the Troika representatives about the state of Greek economy.

They also leaked usernames and passwords. Guess what?! If you check the passwords listed there, you will remember our Magazine name. Yes most of the passwords are 123456. (Read our magazine 'password is 123456' ) . In fact, one of the passwords is '123'.

The hackers claimed that their aim is to expose all the data of Greek economy so all Greek citizens know the truth and thus just days before the 13.5-billion-euro austerity package goes to Parliament for voting.

"We gained full access to the Greek Ministry of Finance. Those funky IBM servers don't look so safe now, do they... We have new guns in our arsenal. A sweet 0day SAP exploit is in our hands and oh boy we're gonna sploit the hell out of it. Respectz to izl the dog for that perl candy." Anonymous said in the statement.

The documents has been uploaded in their own server:

https://anonfiles.com/file/5c9fa9402e62bffd2f569ac3d118fbcd
https://anonfiles.com/file/a50145cddeb310ad8250c6c97d569887

Older Posts Home

Recent Posts
Comments

Become a Fan

Get Latest news at Your Email

Enter Your Email:

Subscribe to our RSS Feeds!