14 DAY TRIAL // Hackers of Sector 404, a group that claims to be working under the Anonymous trademark, managed to breach the Spanish website of the United Nations’ Refugee Agency ACNUR (acnur.org), by making use of a vulnerability that could be found on one of the pages where customers can request information.
As a result of the hack, they leaked administrator usernames, passwords (not in clear text) and names of the tables found in their database.
“This is a small demonstration of the contents handled by the Sector 404,” wrote the group in a Pastebin document.
Judging by the data they published, they seem to have used a tool similar to SQL Poizon, an automated tool that crawls through a website to find SQL injection vulnerabilities that can be taken advantage of.
On the other hand, they also leaked what seems to be Barack Obama’s email address, username, password (not in clear text), personal phone number and a login ID, but the source of this information is not clear.
Other individuals whose information was leaked are Dirk Wildt from Die Netzmacher and Schaffstein from a non-profit organization called TYPO3.
This is the second hacking operation this week that targets a program of the United Nations. Not long ago, TeaMp0isoN managed to breach the defenses of their Development Programme (UNDP), leaking data on many of its members.
While the UNDP stated that the information was outdated and stored on an old, unpatched server, members of TeaMp0isoN quickly came forward to deny the allegations. They even posted a new document to prove that what UN representatives reported was untrue.
Every hacker in the world seems to want a bite from the United Nations. Hopefully, they will take this opportunity to properly patch up their security, to make sure that such incidents will not occur in the future.