14 DAY TRIAL // A group of hackers have broken into the website of the Greek Parliament and leaked administrative credentials and other password hashes.
Judging by the little English-language information available in the leak, the group calls itself Real Democracy Reverse Engineering (RDRE) and its target was the www.hellenicparliament.gr website.
It seems that the hackers managed to obtain access to the web server and read the contents of Web.config, the main configuration file for ASP.NET web applications.
In this case, the file contained the plaintext password for an account called parliamentsuperuser, however the hackers obscured portions of it in their release to avoid abuse.
They did the same with other password hashes extracted from the site's database, which seem to have also been salted. This is a good security measure which suggests that the site's administrators were not oblivious to secure practices.
Unfortunately, the salts were also exposed, the hackers leaking them in an obscured form as well. It's clear that this attack didn't intend to cause damage, but attract attention.
The hackers included a message in Greek and, even though the online translation systems we tried left a lot to be desired, it's clear that it is political in nature and has to do with the country's economic problems.
The Greek parliament gave a favorable vote to the government's austerity plan which involves cuts in pensions and public sector bonuses. The taxes have also been raised in order to avoid bankruptcy and meet the requirements of the European bailout plan.
The hackers accuse the parliament of standing idle by for years while government officials pushed their unqualified sons, daughters and nephews into public positions.
"Why would you care? Everything was going well. You had it all. Now you're falling from the clouds and you blame the foreigners. You always blame others. Blame yourselves!" the hackers wrote. [approximate translation]
While guided by political motives, the group doesn't seem to be affiliated with the Anonymous hacktivist collective or any of its current operations.