After taking a short break, Team GhostShell hackers return with an operation called ProjectDragonFly, a campaign aimed at China and particularly at the country’s government.
“I've been looking into China's actions in more detail since a couple of months ago and I've learned quite a bit about its constitution, both online and irl. I always knew that it's still very much a communist country, that makes a habit of silencing it's people whenever they disagree with their government, locking them up or worse,” DeadMellox, the leader of the crew, wrote.
published by the hacker cites a number of sources which highlight the wrongdoings of the Chinese government.
“#ProjectDragonFly will start off with hacked chinese gov, edu and ac domains,” he explained.
“Most are national site's [sic], but a lot of them are also regional, like Hong Kong (hk), Beijing (bj), Shanghai (sh), Macau (mo), Tianjin (tj), Anhui (ah), etc.”
The new operation is only in its initial phases, but the hacker claims that he has already obtained 800,000 records sets, 100,000 of which have been published online.
The information is comprised of usernames, passwords, addresses, phone numbers, private messages and much more.
The list of victims, as categorized by the hacker, includes the China Bearing Commercial Community (bearing.com.cn), International Club of Dalian (icdalian.com) – an international community club in north-east China –, and the Aluminum Corporation of China Limited (chalco.com.cn).
Academic and educational institutions, government organizations, airports, news sites, the China Telecommunication Technology Labs (CTTL), and “cyberpolice” agencies have also been breached by Team GhostShell.
The vulnerabilities that allowed the DeadMellox to gain unauthorized access to all that data have been made publicly available.
One last thing that must be noted is the fact that, according to the hacker, one of the group’s members has been arrested “in his country” for involvement in Anonymous attacks, this being one of the reasons for which law enforcement websites have been targeted. Note. Because of the great potential for misuse we are not providing a link to the data leak