Team GhostShell Protests Against Extremists by Hacking Italian Government Sites

Team GhostShell’s leader, the hacker known as Echelon, has revealed the launch of a new campaign called ProjectWestWind, an operation aimed at “extreme-right nationalism and racism” in politics.

“As some of you may know (although not nearly as many as it should be), Europe has these past few years been hit by waves of extreme-right nationalism and racism in its political sphere. This includes nationalist political parties like Hungary's ‘Jobbik’, Italy's ‘Lega Nord’ and Finland’s ‘True Finns’,” Echelon said.

“The parties thrive on ignorance and disappointment, and have risen towards power on the wave that was the 2008 economic crisis - just as the NSDAP did during the 30s.”

The first victims of ProjectWestWind, which targets European governments, are a number of state-owned sites from Italy.

One of the targets is the Comune di San Marzano (sanmarzano-ta.gov.it), the site of which has been defaced to display the hackers’ message. Besides altering the website’s main page, Team GhostShell has also leaked more than 100 usernames and password hashes, including the ones of the administrator.

Another target is IV Circolo C.N.Cesaro (cncesaro.gov.it) from which the hackers have leaked 41 record sets comprising usernames, email addresses, names and password hashes.

primocircolovico.gov.it has been taken offline after the group has gained access to their databases, publishing 22 login details and 68 entries from a table named “docent.”

Names, usernames, passwords and email addresses have been also stolen from donmilaninapoli.gov.it, istitutodenicola.gov.it, cavaprimocircolo.gov.it and itimarconi.gov.it, all of them being taken offline.

The Italian government sites haven’t been the only victims of the first phase of ProjectWestWind. The website of the Swedish Vänsterpartiet political party (vansterpartiet.eu) and the one of the Council of Bars and Law Societies of Europe (ccbe.eu) have also been breached. From each of their databases the hackers have made available a handful of login details.