Hackers Publish Information from IAEA’s Nuclear Data Section
Parastoo claims to have access to more than 15 domains operated by the agency
Since the International Atomic Energy Agency (IAEA) haven’t taken them seriously, the hackers who call themselves Parastoo have leaked another round of data. This time, the target is IAEA’s Nuclear Data Section (nds.iaea.org).“In response to IAEA's last official statement, we're now publishing additional information to prove our ability to gain access to highly sensitive information, including Confidential 'SafeGuard' Documents, Satellite Images, Official letters, Presentations and etc,” the hackers wrote.
“We hope positive IAEA's decision as an independent international organization doesn't allow this to happen again.”
After the last breach, IAEA representatives stated that the hackers had gained access to an old server. However, the hacktivists claim that they’ve breached new servers as well.
The say they control over 15 IAEA web domains and, in order to prove it, they’ve published not only information taken from the NDS server, but also the details of the vulnerability that allowed them to access it.
The data dump also contains database access information, including hostname, database name, username and password.
The domains the hackers claim to have access to include nucleus.iaea.org, goto.iaea.org, vichousing.iaea.org, forums.iaea.org, library.iaea.org, pki.iaea.org, pub.iaea.org, entrac.iaea.org, mvgs.iaea.org and others.
“There are plenty more of where this information came from but we guarantee that these information will stay in a very safe place with us,” the hackers added.
“This information only released to open eyes of IAEA and independent media to real threat of world peace, Israel. Our intentions are not to sabotage or misuse such data for any purposes what so ever.”
They insist that the IAEA start an investigation on Israel’s “secret nuclear facilities.”
After the initial breach, the agency’s representatives stated that they were working on patching up IT systems to make sure that no other information could be extracted. However, if the hackers are right, they still have some serious patching to do.