Hackers leak data of over 7,000 officers

Nov 14, 2015 09:44 GMT  ·  By

Hackers who declined to name themselves hacked the servers of the Brazilian Army, and later leaked the personal details of around 7,000 officers.

The attack was carried out after the Brazilian Army's team was accused of cheating in a series of cyber-security games.

The game in question is CTF (Capture The Flag), which relies on two teams attacking each other in a cyber-realm. Each team has to defend and then attack a similar network infrastructure, using only a preset list of attacks and defences. The game is very popular at security conferences and widely used to identify and recruit talented security experts.

The attacks were launched because of a few CTF games

According to the hackers' statement, the Brazilian Army team used a forbidden technique to win their CTF matches in a local CTF tournament. The technique they used is WiFi deauth, a simplistic attack that jams WiFi traffic, incapacitating the other team.

The hackers also seemed upset at the fact that the Brazilian army was bragging about their accomplishments, being particularly angry at the usage of the word "elite."

As a response, some anonymous members of the Brazilian cyber-community breached several servers belonging to the Brazilian Army, stole details about 7,000 officers, and placed them online.

"Each system has several critical vulnerabilities," said the hackers in their statement. "Not before long, we compromised databases, servers with different operating systems, email servers, several online systems and the 'game over' was the domain controller."

First signs of a Brazilian civil cyber-war

The hackers also had something to say about the army's increased focus on cyber-spying tools.

"No more foreign companies planting 'tools' in our backbone. You want to buy the HackingTeam tool? There is a backdoor in the backdoor! Pay attention to your actions!"

After Hacking Team servers were breached earlier this year, emails leaked in the incident showed that the Brazilian Federal Police Department bought the Hacking Team's Remote Control System (RCS) in 2015.