Cyber Justice Team hackers leak Syrian government data

Apr 9, 2016 22:25 GMT  ·  By

On April 6, a hacking outfit going by the name of Cyber Justice Team leaked 10 GB of compressed data from multiple Syrian government and private websites.

The hackers uploaded the files on the MEGA file hosting service, which when decompressed yielded over 43 GB of data. The announcement was also accompanied by a PasteBin which included the password file from a breached Linux server belonging to the Syrian National Agency for Network Services, the country's regulatory commission for IT services.

Most of the leaked data seems to be from older attacks

Analysts from Risk Based Security (RBS) examined the data dump, which they say contained 38,768 folders with 274,477 files from 55 different website domains, belonging to both national agencies and private companies. The data contained database dumps, and even server passwords.

Of the 55 domains, 25 were government websites (.gov.sy), two .org.sy domains, one .com.sy, and the rest were regular .sy domains.

"The first pass at reviewing the data sparked a sense of some more deja vu, as many of the files appeared to include domains from previous, smaller defacements and leaks," RBS wrote in a blog post on Friday. "Further analysis confirmed our initial suspicions."

A closer look at the stolen files revealed that most of them were generic Plesk (Web hosting panel) files, or from Joomla and Cportal (PHP-Nuke-based portal) installations.

It is worth mentioning that both Cportal and PHP-Nuke, its underlying technology, are extremely outdated, haven't received any recent updates, and are known for having security vulnerabilities. This confirms that the data may be from older hacks, when Cportal was still a popular CMS platform, especially in the government sector.

Cyber Justice Team is anti-ISIS, anti-Assad

In statements made on Twitter, the Cyber Justice Team took a stance against ISIS and the Assad regime, calling them both "killers of the Syrian people."

In the past week, two massive data breaches were released online by hacktivists. First, an unknown group released details of about 50 million Turkish citizens, then Anonymous Philippines and LulzSec Philippines lead the details of 55 million of their fellow nationals.

A list of all domains included in the data breach is available on the RBS website.  

Hackers announcing leak on Twitter
Hackers announcing leak on Twitter

Photo Gallery (2 Images)

Cyber Justice Team hacks Syrian government website
Hackers announcing leak on Twitter
Open gallery