Shad0w Security claimed responsibility for the data breach of the EJBCA – Open Source PKI Certificate Authority.
Shad0w Security recently breached into a Switzerland Branch of EJBCA – Open Source PKI Certificate Authority and stole dozens of certificates and credential in clear text.
“EJBCA® is a PKI Certificate Authority software, built using Java (JEE) technology. Robust, flexible, high performance, scalable, platform independent, and component based, EJBCA can be used stand-alone or integrated with other applications” states the description of the EJBCA.
The group’s message also mentions the politic of the US that is accused of persecuting people like Snowden, because he revealed the surveillance machine of the Government of Washington.
“oh, and lets not forget the united nations a.k.a united states, do you really think the UN is some sort of peace keepers or guardians of some kind ? then you need to wake up.” continues the message. “you saw what happens to people who ask questions or fight for you and risk their selves, people like Snowden [they were once part of the system but they woke up], they told us the truth, they showed us the way, why haven’t we woke up yet ? what’s more damaging is not what the governments are doing, but your silence is their power, and as long as they are in power you are not free.”
Gh0s7 provided me evidence of the hack by showing data leak that belongs to EJBCA certificate authority breached by his team.
I was contacted by a representative of the PrimeKey Solutions, the company behind EJBCA who provided me further details on the incident
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.