The attackers exploited an SQL Injection vulnerability to gain access to the data
Anonymous-affiliated hackers of a group called Raptor Swag claim to have breached a website of China’s Chamber of Commerce. The hacktivists have leaked a 7.4 Mb file containing various pieces of information.The website targeted by Raptor Swag is the one of the China Council for the Promotion of International Trade Zhejiang Sub-council, also known as the China Chamber of International Commerce (CCOIC) – Zhejiang Chamber of Commerce (ccpitzj.gov.cn).
“China is silly. They toss around images of their powerful army and their unstoppable government, yet in all the rage about making propaganda reels, they do not sufficiently secure their systems from basic attacks,” the hackers noted.
The hackers published tens of .csv files and a couple of log files. They’ve also leaked the names, email addresses, phone numbers and IP addresses of individuals who are presumably Chinese officials.
The location of the SQL Injection vulnerability they’ve exploited to gain access to the information has been revealed.
The hackers claim to have breached a total of 71 Chinese government websites, this being one of them.
“Check the ‘log’ files contained in this release to get an idea of how many databases we had. We could have simply dropped the tables and columns from each one if we had more time to spare. Regardless, this is a great way to show China that they are really easy to own,” the hackers noted.
As far as the hacker group is concerned, Raptor Swag is a collective of “dedicated individuals” who used to breach websites under the Anonymous banner. For instance, some of the team’s members are responsible for the attacks on the Syrian government.
However, they’ve decided to operate under Raptor Swag because “its many technicalities put a restriction on what we feel matters most – self amusement.”