The hacker group named Cyber Justice Team leaked 10 GB of compressed data (when decompressed are over 43 GB of data) from several Syrian government and private companies.
The group claimed to have hacked Linux server belonging to the Syrian regulatory commission for IT services, the Syrian National Agency for Network Services.
The group has uploaded the files to the MEGA file hosting service and announced the data hack on PasteBin and also published the password of the breached server.
Is it a fresh dump?
According to security experts from Risk Based Security (RBS) who analyzed the archive most of the leaked information comes from past data breaches.
“The first pass at reviewing the data sparked a sense of some more deja vu, as many of the files appeared to include domains from previous, smaller defacements and leaks,” states a blog post published by RBS. “Further analysis confirmed our initial suspicions.”
The data dump contains 38,768 folders, it includes 274,477 files from 55 different website domains, belonging to government agencies and private companies.
The vast majority of files in the data dump were default Plesk files, Joomla!, and Cportal (phpnuke-cms) setups. The attackers may have exploited known vulnerabilities in outdated software.
“That said, our analysis shows the data appears to originate from nans.gov.sy, the Nation Agency for Network Services, and contains data from 55 Syrian domains, 25 of which being .gov.sy: 2 .org.sy; 1 com.sy and the remainder with the generic .sy. Most of the domains affected in the breach are either inactive or older domains that are no longer in use. Very few of the domains appear to be of some importance to the people of Syria.” states the RBS.
The hacker group of the Cyber Justice Team is an opponent of both the Syrian Government and the IS, both oppressors of the Syrian people.
For more details on the data dump give a look to the report published by Risk Based Security (RBS).
(Security Affairs – Cyber Justice Team, data breach)