14 DAY TRIAL // Hackers of TeamBerserk claim to have breached the systems of The West Australian, a local newspaper, and the ones of Loretto Telecom, a Loretto, Tennessee-based telecoms company.
The West Australian was allegedly hacked by exploiting an SQL Injection vulnerability. The hackers leaked server information along with the details of tens of users, including usernames and password hashes.
“First we get into The Western Australian, get root through an SQLi and BoF with shell, then we root the entire box, then we get into all the hosted domains namely Southern Computer Company,” the hackers wrote next to the leaked data.
“After that we get into SCC client base and [expletive] around with their client computers which are running remote services on Windows machines; and some of these clients are AU Government. Thanks for the additional bots and all the data,” they added.
As far as Loretto Telecom is concerned, TeamBerserk published the email addresses, usernames, and clear-text passwords of over 1,400 customers. They’ve even provided the URL for the webmail login section of Loretto Telecom’s website.
“We worked together quite quickly when we exploited and got root to this box. After we got axx we plundered all of the accounts for tens of thousands of digital monies ($), with these monies we purchased BTC and LTC and ordered lots of [adult toys] and pizzas to the FBI and DoJ like we normally do when we get lots of booty (YARR),” they said.
“Now that we have released this #Data lots of users will most likely change their credential details. So if you didn't get to it within the first 24 hours you will not have a lot of luck logging into these. Lots of accounts will most likely be the same credentials as listed here, but don't count on it,” the hackers noted.
They claim to have targeted Loretto Telecom to make money and “for the lulz.”