The systems of a total of nine organizations have been breached

Apr 22, 2014 07:14 GMT  ·  By

On Easter Sunday, hackers of the NullCrew collective announced breaching the systems of nine organizations. The list of targets is comprised of the University of Virginia, Spokeo, Telco Systems, National Credit Union, the Science and Technology Center of Ukraine (STCU), the International Civil Aviation Organization, the State of Indiana and ArmA2.

Earlier this month, the hackers also attacked Klas Telecom, a government contractor which admitted that its legacy helpdesk system was breached and that NullCrew gained access to some old customer data.

“[FTS] is generally aimed at the government, or anything that is corrupt; and that is the reason for these attacks. Ranging from government contractors, to universities, to telecommunications compaines, to information databases, and other things,” the hackers wrote next to the leaked data.

“They are all part of the system; and have failed examinations the first time around; some of the attack methods may have been simple, or the data not to complex,” they added.

“But, it can still lead to things that they do not want; and it also costs them, therefore we have committed actual damage to this certain aspect of the system. In a way, we achieve our goal.”

From each of the penetrated systems, the hackers have leaked various types of data, including administrator credentials, email addresses, usernames, password hashes and server information.

As far as the University of Virginia is concerned, this isn’t the first time its systems are breached. However, it appears that the organization still hasn’t managed to properly secure its networks. The university hasn’t said anything regarding the incident, but DataBreaches.net has learned that they’re investigating.

Spokeo representatives have confirmed for ZDNet that their systems have been hacked. The company said that the attack took place in mid-January. They claim that NullCrew has only breached the Spokeo blog and that no customer information has been compromised.

The hackers said they had “backdoored” Spokeo over 6 times in a 72-hour period.

None of the other targeted organizations have mentioned anything about the incident, but the hackers have provided some details about their operation. For instance, they claim to have harvested emails from STCU’s mail server for more than one year.

Risk Based Security and Data Breaches have analyzed the leaked data. RBS notes that while the hackers haven’t leaked any sensitive data belonging to the customers of the National Credit Union, they have leaked credentials for forms, CMSs and WordPress Installations affiliated with the organization.

In the case of the State of Indiana, NullCrew pulled off the attack by exploiting a local file inclusion vulnerability.