News

Ghost Shell hacktivists publish over a million credentials

Warwick Ashford

The Ghost Shell group, an offshoot of the Anonymous hacking collective has published the log-in details from 1.6 million accounts.

The credentials were stolen from a series of hack attacks on Nasa, the FBI, the European Space Agency and 34 other government agencies and contractors, especially those working for the US Department of Defense.

The data, which also includes email addresses, CVs and the contents of online databases, was posted on several different sites to stop it being found quickly and deleted, according to BBC reports.

Ghost Shell said it had sent messages to security bosses about 150 insecure servers it had targeted in the attacks.

In a statement posted on the Pastebin website, Ghost Shell said the attacks were part of its #ProjectWhiteFox campaign to promote freedom of information online.

Ghost Shell has carried out a number of attacks in 2012, publishing details from millions of accounts held at businesses, universities and Russian government departments and companies.

The group said #ProjectWhiteFox was the last operation it would carry out in 2012.

The hacking of websites or computer systems for a politically or socially motivated purpose, known as hacktivism, is becoming increasingly common.

In the UK this week, David Morris, MP for Morecambe & Lunesdale, said an organisation claiming to represent "Freedom for the Mujahideen" had taken over his website.

Hacktivism is increasingly viewed as a threat that organisations should defend against, but hacktivists should not require any special attention, according to Amichai Shulman, chief technology officer (CTO) of security firm Imperva.

"Hacktivist attacks are occasional, while criminal attacks are a daily reality for most businesses and other organisations, so they should concentrate on those," Amichai Shulman said.

If businesses are prepared for criminal hackers, they should be prepared for hacktivists because, unlike criminal hackers, hacktivists tend to use standard tools that are easier to defend against, Shulman told Computer Weekly.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy