National Aids Research Institute NARI hacked by the Shad0w Security crew

The hacker @Sc0rp10nGh0s7 from the Shad0w Security group has broken in the server of the National Aids Research Institute NARI (India).

The hacker @Sc0rp10nGh0s7 from the Shad0w Security crew has broken in the server of the National Aids Research Institute NARI (India). The hacker accessed a more than 1 GB archive containing the results for dozens Hiv test.

The hacker just released a small portion of the compromised archive as proof of the data breach. They explained to me that they want to avoid problems with the patients, but this hack aims to demonstrate that the security staff at the Institute is not able to protect so sensitive information.

“this time we won’t leak everything, since our purpose is to hurt the gov not the people. The database file I have is more than 1Gb” told @Sc0rp10nGh0s7.

When I asked more technical details about the attack, the hacker told me that they prefer to keep secret the flaws.

I decided to avoid publishing the link to the data due to nature of the victim.

He also told me that the National Aids Research Institute NARI (India) has a good level of security despite the hack. The hacker breached an internal server of the organization and noticed the admin likes to put username & password in a text file.

“the way we choose the targets is random that helps us to not be expected, we will be in a place they least expect us to be” added the hacker.

The overall internal network was breached by the hackers.

In November 2016, the hacker Shad0wS3C hacked the Institute of the Registral Function of the State Mexico (FREM) and leaked the database online.

In August 2016, the group hacked the Paraguay’s Secretary of National Emergency (SNE) website and leaked online a dump from a PostgreSQL database.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Gh0s7, National Aids Research Institute NARI)