Search This Blog

Showing posts with label Team GhostShell. Show all posts

Team GhostShell are back with a bang

They are back again after almost three years! Team GhostShell, a well-known hacking group, has returned with hacks and database leaks.

The hacking group claims to have leaked data from various websites within 24 hours.

On June 29, the team posted on twitter links to a number of Korean and Japanese websites, educational portals, university websites and travel websites which they claim to have hacked.

The posted websites and services do not appear to follow a particular trend or pattern so it is believed that the sites have been hacked.

Lee J, a security researcher, posted on Cyber War News that when he contacted TeamGhostShell, they had explained that not all data is going to be leaked from targeted sites and as an example of this got shown an exclusive set of data from an Australian cloud provider (redacted for now) which contains 1,500+ full banking information such as full names, home addresses, mobile contact numbers, contract dates and probably worst of all Tax file number (TFN). The provider has been contacted at time of publishing.

According to him, till the date, 444 different databases have been dumped from various sites and sub-domains mostly being education and government based.

“A basic scan of these sites has shown that there is a heap of accounts leaks, over 17,700 have email and password combinations as well as many other user name and password combinations as well,” he added.

“I have been told in a conversation with TeamGhostShell that they plan to leak data until they are caught,” he said.

He said that the team has added account with a paste titled “Dark Hacktivism- Information is everything”.

It is said that this is not the end. There are a lot more data to come over in coming days or weeks.

#ProjectWhiteFox- 1.6 million Accounts leaked by Team GhostShell

The famous hacker group Team GhostShell returns with massive data leak. Today TeamGhostShell has claimed to have leaked 1.6 million Accounts from fields such as aerospace, banking, law, education, government, military, airlines and more , under their new project called "#ProjectWhiteFox".

"Winter is here and so are we, to present Team GhostShell's last project. We've included plenty of surprises in this one, so hop on our bandwagon, we're going on an adventure!" The TeamGhostShell said in the leak.

According to the pastebin post, the data leaks are from a number of organization including NASA, the European Space Agency, Pentagon, Crestwood Technology Group, Bigelow Aerospace, the California Manufacturers & Technology Association and Aerospace Suppliers.

"#ProjectWhiteFox will conclude this year's series of attacks by promoting hacktivism worldwide and drawing attention to the freedom of information on the net."

The data dump contains database details, name, email address, mailing lists, address ,passwords and more data.  The dump also contains the SQL Injection vulnerable links.  It seems like hackers has extracted the database using these vulnerable links.

"#ProjectWhiteFox - Freedom of Information: 1.6 million accounts/records leaked #ESA #NASA #Pentagon #OpWCIT #GhostShell " The attack was announced in Twitter.

#ProjectWestWind : Team GhostShell hacked Italian Government Sites

A Hacker known as Echelon, leader of Team GhostShell, launched a new campaign called ProjectWestWind, an operation aimed at “extreme-right nationalism and racism” in politics.

“As some of you may know (although not nearly as many as it should be), Europe has these past few years been hit by waves of extreme-right nationalism and racism in its political sphere. This includes nationalist political parties like Hungary's ‘Jobbik’, Italy's ‘Lega Nord’ and Finland’s ‘True Finns’,” Echelon said.

“The parties thrive on ignorance and disappointment, and have risen towards power on the wave that was the 2008 economic crisis - just as the NSDAP did during the 30s.”

The first victims of ProjectWestWind, which targets European governments, are a number of state-owned sites from Italy.

One of the targets is the Comune di San Marzano (, the site of which has been defaced to display the hackers’ message. Besides altering the website’s main page, Team GhostShell has also leaked more than 100 usernames and password hashes, including the ones of the administrator.

Another target is IV Circolo C.N.Cesaro ( from which the hackers have leaked 41 record sets comprising usernames, email addresses, names and password hashes. has been taken offline after the group has gained access to their databases, publishing 22 login details and 68 entries from a table named “docent.”

Names, usernames, passwords and email addresses have been also stolen from,, and, all of them being taken offline.

The Italian government sites haven’t been the only victims of the first phase of ProjectWestWind. The website of the Swedish Vänsterpartiet political party ( and the one of the Council of Bars and Law Societies of Europe ( have also been breached. From each of their databases the hackers have made available a handful of login details.