The Cyber Justice Team claims a massive Data Leak from the Syrian Government, more than 43 GB of Data available Online
The hacker group named Cyber Justice Team leaked 10 GB of compressed data (when decompressed are over 43 GB of data) from several Syrian government and private companies.
The group claimed to have hacked Linux server belonging to the Syrian regulatory commission for IT services, the Syrian National Agency for Network Services.
The group has uploaded the files to the MEGA file hosting service and announced the data hack on PasteBin and also published the password of the breached server.
Is it a fresh dump?
According to security experts from Risk Based Security (RBS) who analyzed the archive most of the leaked information comes from past data breaches.
“The first pass at reviewing the data sparked a sense of some more deja vu, as many of the files appeared to include domains from previous, smaller defacements and leaks,” states a blog post published by RBS. “Further analysis confirmed our initial suspicions.”
The data dump contains 38,768 folders, it includes 274,477 files from 55 different website domains, belonging to government agencies and private companies.
The vast majority of files in the data dump were default Plesk files, Joomla!, and Cportal (phpnuke-cms) setups. The attackers may have exploited known vulnerabilities in outdated software.
“That said, our analysis shows the data appears to originate from nans.gov.sy, the Nation Agency for Network Services, and contains data from 55 Syrian domains, 25 of which being .gov.sy: 2 .org.sy; 1 com.sy and the remainder with the generic .sy. Most of the domains affected in the breach are either inactive or older domains that are no longer in use. Very few of the domains appear to be of some importance to the people of Syria.” states the RBS.
The hacker group of the Cyber Justice Team is an opponent of both the Syrian Government and the IS, both oppressors of the Syrian people.
For more details on the data dump give a look to the report published by Risk Based Security (RBS).
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.