Categories: Breaking NewsHacking

Anonymous Hacker breached WTO database and Leaked data of internal staff

Hackers belonging to the Anonymous collective hacked the website of the World Trade Organization (WTO) and leaked personal data of thousands of officials.

Hackers belonging the Anonymous collective compromised the website of the World Trade Organization (WTO) and leaked its database containing personal data of its members.

The stolen data are related to personnel of WTO sites located in various countries, including Brazil, China, France, India, Indonesia, Pakistan,  Russia, Santo Domingo, Saudi Arabia, Sri Lanka, United States and many others.

The colleagues at the HackRead web portal contacted members of Anonymous, which confirmed that they exploited a simple SQL injection vulnerability in order to access personal data of thousands of members from around the world. The hackers confirmed that the organization is aware of the attack and that the measures adopted to secure the systems were not effective

“THERE WERE OVER 53000 USERS NAMES, PHONES ETC. I HAVE HACKED AT FOR THE SECOND TIME TODAY AND THIS IS SECOND TIME WHEN THEY HAVE CHANGED THEIR SYSTEM BECAUSE OF MY HACK.” the hacker told to HackRead.

The hackers targeted the ecampus.wto.org domain which is used by the WTO to provide online courses on international trade law and other trade-related matters.

The Anonymous member, who requested to remain anonymous, breached the WTO database also hacked two Israeli arm dealers/importers and leaked thousands of client login data online under the #OpIsrael 2015.

The experts at HackRead have analyzed the data leaked by the members of the Anonymous and confirmed that they are authentic and that they are not part of archive stolen in the past by other group of hackers.

The material stolen from the WTO database includes:

  • LEAKED ADMIN INFO: Personal data (i.e.  first and last names, phone, numbers, fax number, titles and email addresses) and login credentials of 58 users with “administrator” profile. The expert also discovered a second table used to archive data of about 34 more administrators.
  • LEAKED CANDIDATES’ INFO: Personal information of candidates that includes first and last names of 80 candidates and date of birth. The experts that analyzed the archive clarified that there is no news regarding the way the WTO collected candidates’ data (i.e. job interviews or events related activities).
  • LEAKED OFFICIALS/STAFF INFO: Login credentials and other personal information of internal WTO staff and officials from around the world. The archive includes full names, ids, emails, IP addresses, phone numbers, job titles/positions, country names, names of the embassies where the officials are currently working, postal codes, supervisor names, language details and registration numbers of around 2100+ officials and staff members.

It is clear that the information stolen in the data breach represents a serious threat for the security because it could open the door to spear phishing attacks.

The links to the complete WTO archive stolen by hackers are available on PasteBin.

Pierluigi Paganini

(Security Affairs – WTO, hacking)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs

Russia-linked Turla APT allegedly used two new backdoors, named Lunar malware and LunarMail, to target…

10 hours ago

City of Wichita disclosed a data breach after the recent ransomware attack

The City of Wichita disclosed a data breach after the ransomware attack that hit the…

18 hours ago

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

CISA adds two D-Link DIR-600 and DIR-605 router vulnerabilities to its Known Exploited Vulnerabilities catalog. The…

21 hours ago

CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog

CISA adds two Chrome zero-day vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity…

23 hours ago

North Korea-linked Kimsuky APT attack targets victims via Messenger

North Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware.…

1 day ago

Electronic prescription provider MediSecure impacted by a ransomware attack

Electronic prescription provider MediSecure in Australia suffered a ransomware attack likely originate from a third-party…

1 day ago

This website uses cookies.