After ProjectDragonFly (100,000 accounts leaked from Chinese Sites), Project Hellfire (one million accounts belonging to Governments, Law Enforcement Agencies, etc.) and ProjectWestWind (120,000 accounts from top 100 universities all over the world), Team GhostShell has unveiled a new act of their cyber campaign against Governments and Organizations all over the world.
GhostShell (@TeamGhostShell) November 02, 2012
The latest operation is called ProjectBlackStar. In a clamorous protest against the Russian Government and the current situation (the still present communism feeling […] fused with todays capitalism and bred together a level of corruption and lack of decency of which we’ve never seen before), the collective has leaked 2.5 million accounts belonging to different sectors directly or indirectly related to government. Quoting literally: We’ll start off with a nice greeting of 2.5 million accounts/records leaked, from governmental, educational, academical, political, law enforcement, telecom, research institutes, medical facilities, large corporations (both national and international branches) in such fields as energy, petroleum, banks, dealerships and many more.
The massive leak has been split in different files. The list of targets is long and heterogeneous, and include several high-profile targets (such as the Jinr, Joint Institute for Nuclear Research).
This summer. when unveiling the leak of Project Hellfire, the collective anticipated two more projects scheduled for this fall and winter. Apparently they run faster than the timetable: only in this fall two projects have already been “delivered” (pretty much earlier than expected). Will their fury stop here?
Here the first part covering the cyber attacks from 1 to 15 April.
April is over and here it is the second half of the Cyber Attacks Timeline covering the time period spanning from 16 to 30 april 2012.
The last two weeks of this month have been characterized by several remarkable events (at least for the newspapers), such as the #OpBahrain which unleashed a trail of attacks from the Anonymous against websites related to the Formula 1 GP in Bahrain. Other noticeable events triggered by hacktivism include several DDoS attacks against CIA, MI6, Department of Justice, and a couple of Law Enforcement Agencies which continue to be a preferred target for hackers.
On the Cyber Crime front (still the major apparent motivation for the attacks) this month reports, among the events, a breach to Nissan and other DDoS attacks against the District of Columbia, the State of Washington and Nasdaq (I would not define them just motivated by hacktivism). Other events include a couple of 0-day vulnerabilities targeting popular e-mail services and affecting potentially million of users.
Last but not least, April has brought a new cyber attack to Iran crude oil industry, despite, so far, there are no clear evidences of a new Stuxnet-like Cyber Attack. This is not the only episode targeting Iran which also suffered 3 million of banks accounts compromised.
For the chronicle I decided to insert in the timeline also the breach to the game publisher Cryptic Studios. Although it happened in 2010 (sic) it was discovered only few days ago…
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.