CyberZeist, the hacker who has recently left the UGNazi collective, has leaked a few hundred login credentials that he allegedly obtained by launching a spear phishing attack on US federal employees.
“This federal account release is not a result of some fancy and HiFi hack, it’s a result of a common flaw in human factor – Trust. These all federal accounts were jacked by using a simple method known as 'Spear Phishing'! These accounts are just a half part of a forthcoming #gov #leak,” he wrote next to the data dump.
The leak contains over 250 record sets comprising email addresses and clear text passwords.
CyberZeist claims that emails stolen from the breached accounts will also be published “very soon.”
According to the hacker, he obtained the credentials by spoofing a login portal.
“They have a login portal at [.mil domain] (intranet only). Their SSLv2 certificate can be spoofed easily so I replaced the original certificate with my fake one so that users can’t make out that they are logging at a fake portal,” the hacker told Softpedia.
“In my forthcoming leak I will fully disclose the vulnerability in their SSLv2 cert authentication. This exploit is somewhat similar to the one that happened with NASA by some Israel hackers,” he added.
We have been able to confirm that some of the email addresses are legitimate. While we couldn’t confirm the exact origin of the data, the passwords published by the hacker don’t show up in other data leaks.
In related news, CyberZeist once again highlighted the fact that his decision to leave
UGNazi had nothing to do with The Jester’s threats to expose the group.
“I (CyberZeist) have opted out of UGNazi for some personal reasons and not because of th3j35t3r, and from now onwards I am not a part of any team,” he wrote.