Website 'Hellfire': Hackers release 1m accounts

Website 'Hellfire': Hackers release 1m accounts

Summary: "All aboard the Smoke & Flames Train. Last stop, Hell," Hacktivist group GhostShell proclaims, after releasing one million account details from websites.

SHARE:
TOPICS: Security
2

"All aboard the Smoke & Flames Train. Last stop, Hell."

Hacktivist group GhostShell claims to have released one million account details from websites, in a project under the alias "Hellfire".

The hacktivists, working with groups MidasBank and OphiusLab, posted online on Saturday what appears to be accounts and records gleaned from banks, government agencies, consulting firms, law enforcement and the CIA.

project hell fire hacking attack 1m accounts stolen

The post on Pastebin said:

"Team GhostShell's final form of protest this summer against the banks, politicians and for all the fallen hackers this year. One million accounts/records leaked. We are also letting everyone know that more releases, collaborations with Anonymous and other, plus two more projects are still scheduled for this fall and winter. It's only the beginning."

Researchers at Imperva say the attackers appear to have employed mostly SQL injection techniques -- tricking a server into handing over restricted information -- but also exploited weak passwords and unsecured content management systems (CMS). Imperva believes that the attacks were made possible through the popular tool SQLmap.

Some of the hacked databases included over 30,000 records, although the actual figures were "hard to count and verify". While "a lot of the data" does not appear to be sensitive, through CMS exploits GhostShell was able to steal a "very large portion" of the files, which noticeably included credit history reports.

Other information included usernames, passwords, email addresses and the real names of account holders.

"It's hard to say with precision just how much (data was stolen), but you can say this is a pretty significant breach," Rob Rachwald, director of security strategy at Imperva, told sister site CNET.

However. that wasn't the end of the story. the user who posted the data -- DeadMellox -- also offered three access points for "anyone who's up for the challenge". These are apparently for six billion databases from a Chinese mainframe that it claims contained technology from China, Japan and potentially other countries; over 105 billion databases from a U.S. stock exchange mainframe; and access points to three or four Department of Homeland Security servers.

Offering tips, the user says that whoever proclaims "challenge accepted" will need 1TB of space available, and although the information isn't that great, "it may be good for street cred".

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • So, where did they post them?

    ???
    Nsaf
    • "The post on Pastebin said:"

      Hmmm.... where indeed?
      ejhonda