Massive Leak: Project HellFire Hackers Dump 1 Million Accounts from 100 Sites

Analysis
Aug 28, 2012, 4 mins
Content Management Systems, Data and Information Security, Data Breach

The hacker collective Team GhostShell, in collaboration with two other hacking groups, MidasBank and OphiusLab, hacked 100 websites worldwide and then dumped one million accounts/records in "protests" under the Project HellFire banner.

One million records were dumped by the hacker collective Team GhostShell in the last protest of the summer “against the banks, politicians and for all the fallen hackers this year.” However, “we are also letting everyone know that more releases, collaborations with Anonymous and other, plus two more projects are still scheduled for this fall and winter. It’s only the beginning. There are more leaked accounts/records coming.” The leak was first announced by DeadMellox, the “blackhat leader of Team GhostShell.”

The Project HellFire Pastebin statement begins with:

All aboard the Smoke & Flames Train. Last stop, Hell. You can have the pleasure of sharing seats with targets such as WallStreet, CIA Services [not the Central Intelligence Agency but C.I.A. Services], MIT, Consulting Firms, Political Advisors, Security Companies, Corporations, Weapon’s Dealers, Laboratories, Internet Hosting Services, Academics, Banks, Police Departments, Aviation, The Navy, Stocks Exchange, Bonds Exchange, Markets, Emirates Organizations, Various Businesses, Hedge Funds, Estate Agencies, Public Affairs, Robotics, etc.

Furthermore, Team GhostShell said it plans to give away access points to “six billion databases from a Chinese mainframe full of Chinese and Japanese technology;” “over 105 billion databases to a U.S. stock exchange mainframe;” and “3-4 different servers belonging to the Department of Homeland Security.” The Project HellFire hacks were reportedly accomplished in collaboration with two other hacking groups, MidasBank and OphiusLab.

Security firm Imperva analyzed the attacks and said most were accomplished via SQL injection using the tool SQLmap. While Imperva said it was “hard to count and verify” how much data was taken, “some of the breached databases contained more than 30,000 records.” It’s the same old story when it comes to the problem of weak passwords, but a law firm used:

an interesting password system where the root password, ‘law321’ was pre-pended with your initials. So if your name is Mickey Mouse, your password is ‘mmlaw321’. Worse, the law firm didn’t require users to change the password. Jeenyus!
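An added example, not from Imperva or the original article: a defender-side audit that flags accounts whose stored hash still matches the default issued under the scheme quoted above, so they can be forced through a reset. The account record layout, the PBKDF2 parameters and all function names are assumptions, and the sample accounts are constructed.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000  # assumed work factor for this sketch


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256, standing in for the site's real password hash."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def default_password(full_name: str, root: str) -> str:
    """Password the quoted scheme would issue: lowercase initials + shared root."""
    initials = "".join(part[0] for part in full_name.split())
    return initials.lower() + root


def accounts_on_default(accounts, root):
    """Return usernames whose stored hash still matches the issued default."""
    flagged = []
    for acct in accounts:
        candidate = hash_password(default_password(acct["name"], root), acct["salt"])
        # Constant-time comparison, as for any password-hash check.
        if hmac.compare_digest(candidate, acct["hash"]):
            flagged.append(acct["user"])
    return flagged


def make_account(user, name, password):
    """Build a constructed account record with a per-user random salt."""
    salt = os.urandom(16)
    return {"user": user, "name": name, "salt": salt,
            "hash": hash_password(password, salt)}


# Constructed sample accounts (hypothetical users, not data from the leak).
SAMPLE = [
    make_account("mmouse", "Mickey Mouse", "mmlaw321"),
    make_account("dduck", "Donald Duck", "correct horse battery staple"),
    make_account("ggoof", "Goofy Goof", "gglaw321"),
]

if __name__ == "__main__":
    for user in accounts_on_default(SAMPLE, "law321"):
        print(f"{user}: still on issued default, force a reset")
```

Because each hash is salted per user, the audit has to recompute the default for every account; it cannot be done with a single lookup.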

While “a lot of the stolen content did not include any sensitive information,” it appears the attackers exploited content management systems (CMS) to acquire “a very large portion” of the files, reported Imperva. “Credit history and current standing is a very noticeable part of the data stolen” from targeted banks. Other records contain usernames, passwords, email addresses, real names and more from “consulting firms, government agencies and manufacturing firms.”

Earlier this year, Team GhostShell was busy hacking the heck out of China during Operation ProjectDragonFly which “began by breaching every site in their way, including national and regional sites, giving as examples, ‘Hong Kong (hk), Beijing (bj), Shanghai (sh), Macau (mo), Tianjin (tj), Anhui (ah), etc’.” That leak included “usernames, passwords, addresses, phone numbers, passports, flight numbers, private messages, project descriptions, and much more.”

In another hack, AntiSec hacker Stun claims to have breached GlobalCerts which, according to the “About” page, offers “secure messaging and certificate management solutions.” According to Softpedia, the AnonPaste lists “around 1,600 names, job titles, phone numbers, email addresses, company names and other information.”

Yesterday Softpedia reported on other hacktivist news. A DDoS attack, part of Operation Free Assange (#OpFreeAssange), temporarily disrupted the website of Interpol, “the largest international police organization in the world.”

Follow me on Twitter @PrivacyFanatic

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.