“I would like to tell you that I have successfully penetrated the site” Cryptolulz told me via Twitter. “I have taken over its database”
He exploited a blind SQL Injection vulnerability, he hacked the website of Russian embassy of Armenia to create awareness amongst the authorities.
“because I don’t think they care much about security … lol”
The hacker tried to contact the admins of the website some time ago, but he hasn’t received any response.
“I left them an email but no reply so I decided to leak a short amount of their database…” he added.
He broke into the database a0014414_embassy that contains 36 tables, but the hacker leaked only the “user” table which contains the credentials for the admin, the editor and other people in the stuff. He avoided disclosing the members’ records because they may include classified information.
Data was published on Pastebin, leaked records include id, name, type, email, login, password, last visit IP address, last visit date, profile creation date.
Cryptolulz was involved in several data leaks of government websites, including the Mexican telecommunication website and several DDoS attacks against government website and banks. He defined its motivation as “politically driven hacking.”
My reason for targeting this website was to create awareness amongst the people and higher authorities… because I don’t think they
Cryptolulz now joined a new hacking team called Fallensec.
(Security Affairs – Russian embassy of Armenia, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.