The hacker group named Cyber Justice Team leaked 10 GB of compressed data (when decompressed are over 43 GB of data) from several Syrian government and private companies.
The group claimed to have hacked Linux server belonging to the Syrian regulatory commission for IT services, the Syrian National Agency for Network Services.
The group has uploaded the files to the MEGA file hosting service and announced the data hack on PasteBin and also published the password of the breached server.
Is it a fresh dump?
According to security experts from Risk Based Security (RBS) who analyzed the archive most of the leaked information comes from past data breaches.
“The first pass at reviewing the data sparked a sense of some more deja vu, as many of the files appeared to include domains from previous, smaller defacements and leaks,” states a blog post published by RBS. “Further analysis confirmed our initial suspicions.”
The data dump contains 38,768 folders, it includes 274,477 files from 55 different website domains, belonging to government agencies and private companies.
The vast majority of files in the data dump were default Plesk files, Joomla!, and Cportal (phpnuke-cms) setups. The attackers may have exploited known vulnerabilities in outdated software.
“That said, our analysis shows the data appears to originate from nans.gov.sy, the Nation Agency for Network Services, and contains data from 55 Syrian domains, 25 of which being .gov.sy: 2 .org.sy; 1 com.sy and the remainder with the generic .sy. Most of the domains affected in the breach are either inactive or older domains that are no longer in use. Very few of the domains appear to be of some importance to the people of Syria.” states the RBS.
The hacker group of the Cyber Justice Team is an opponent of both the Syrian Government and the IS, both oppressors of the Syrian people.
For more details on the data dump give a look to the report published by Risk Based Security (RBS).
[adrotate banner=”9″]
(Security Affairs – Cyber Justice Team, data breach)
FBI warns Silent Ransom Group has targeted U.S. law firms for 2 years using callback…
The U.S. indicted Russian Rustam Gallyamov for leading the Qakbot botnet, which infected 700K+ devices…
Law enforcement operation codenamed 'Operation RapTor' led to the arrest of 270 dark web vendors…
A Chinese threat actor, tracked as UAT-6382, exploited a patched Trimble Cityworks flaw to deploy…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Samsung MagicINFO 9 Server vulnerability to its…
Signal implements new screen security on Windows 11, blocking screenshots by default to protect user…
This website uses cookies.