The hacker breached the India Regional Council as well as organizations and embassies across the world. Recently he hacked the ‘Dipartimento della Funzione Pubblica’ Office of the Italian Government, the Paraguay Embassy of Taiwan (www.embapartwroc.com.tw), and the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya. Kapustkiy.
Now the hacker is back announcing that he left the Powerful Greek Army and that he hacked the Venezuela Army.
— Kapustkiy (@Kapustkiy) 2 dicembre 2016
Kapustkiy has hacked the Venezuela Army and leaked 3000 user records on Pastebin containing personal information such as names, emails, and phones.
The hacker breached the CATROPAEJ (“Caja de Ahorros de la Tropa Profesional del Ejercito Bolivariano Venezolano”) database, he also discovered some logins for the Army’s webmail system, but he did use them.
I reached Kapustkiy that confirmed me the exploitation of an SQLi vulnerability in the target application.
He triggered an Error-Based SQL Injection, this means that he tried to trigger errors in the database by passing unsanitized input in the URL.
Kapustkiy reported the problem to Venezuela Army more than a week ago, but he received no reply.
He told me that he is focusing on South America Governments and Asian organizations.
(Security Affairs – Kapustkiy, Venezuela Army)