July 2, 2015

Hacktivist Group GhostShell Claims it Hacked Over 300 Websites

In a series of tweets detailing their latest exploits, the hacker group Team GhostShell has claimed to have successfully hacked over 300 websites around the world, with the personal data of over 13,000 users dumped online, as revealed by Symantec in a blog post.

The hacking spree

Claiming to have hacked hundreds of websites within the past 48 hours, Team GhostShell posted multiple links showing a number of educational portals, Korean and Japanese websites, travel portals and more as victims of their hacking spree.

According to the group, the attacks, which follow no apparent pattern, are meant to raise awareness of the vulnerabilities and shoddy cybersecurity found on most websites.

Educational institutions targeted in the attack include:

  • The University of Southern California (USC)
  • Princeton University
  • The University of Maryland
  • UCLA Electrical Engineering Department
  • University of Michigan and plenty more.

Institutions elsewhere in the world weren’t spared either: the University of Delhi in India was also a victim of the spree, as were institutions in Australia, Egypt and China, along with many other .edu domain websites.

According to preliminary reports on the dumped files obtained from the extensive data breach, the exposed personal data of users includes:

  • Names
  • Email addresses
  • Skype IDs
  • Phone numbers
  • Physical addresses

“Reports say that the data dumps reveal compromised account details numbering in the thousands at the lower estimate; however, this number is probably much higher,” said Symantec security researchers.

They added that while some passwords were encrypted and hashed, most were still stored in plain text. The data dumps also revealed plenty of examples of a notoriously weak password: 123456.

A history of notoriety

Team GhostShell were last active in 2012 before going on hiatus and resurfacing in the present day. At the time, they had:

  • Leaked hundreds of thousands of records from top Ivy League schools and global universities.
  • Taken on organizations such as NASA, the Pentagon and other political groups.
  • Dumped and made publicly available 1.6 million accounts and records from various departments including the Federal Reserve, the FBI, NASA and the Pentagon in December of 2012.

The data dumps from 2012 revealed the use of SQLmap, a popular SQL injection tool used by hackers to inject SQL code into the victims’ servers and websites.

It is recommended that individuals use strong passwords that are unique to every website and never reused across other sites. It’s also recommended that users enable two-factor authentication on websites that provide it as a feature, giving them more comprehensive security.

Admins are advised to use web application firewalls for their databases and to keep all systems and software patched and up-to-date. As a rule of thumb, a Threat Assessment Test is recommended for any institution or enterprise as a precautionary measure to know where any vulnerabilities may be in your networks and website(s).
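The two failures this story turns on, SQL injection as the way in and plain-text passwords in the resulting dumps, can also be closed in the application itself. The following is an added example, not code from the original article or from Symantec; the table layout, function names, work factor, denylist and sample accounts are assumptions constructed for illustration.

```python
import hashlib, hmac, os, sqlite3

ITERATIONS = 600_000  # assumption: PBKDF2-HMAC-SHA256 work factor for this example
DENYLIST = {"123456", "password", "qwerty"}  # constructed sample; use a full list in practice

def hash_password(password, salt):
    # Slow, salted hash: a dumped row never contains the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def register(db, email, password):
    if password in DENYLIST or len(password) < 12:
        raise ValueError("password too weak")
    salt = os.urandom(16)  # unique per user, stored next to the hash
    db.execute("INSERT INTO users VALUES (?, ?, ?)",
               (email, salt, hash_password(password, salt)))

def verify(db, email, password):
    row = db.execute("SELECT salt, pw_hash FROM users WHERE email = ?",
                     (email,)).fetchone()
    if row is None:
        return False
    # Constant-time comparison of the recomputed hash with the stored one.
    return hmac.compare_digest(hash_password(password, row[0]), row[1])

def find_user_concat(db, email):
    # Vulnerable pattern: input is spliced into the SQL text.
    return db.execute(
        "SELECT email FROM users WHERE email = '" + email + "'").fetchall()

def find_user_param(db, email):
    # Hardened pattern: input is bound as data and never parsed as SQL.
    return db.execute(
        "SELECT email FROM users WHERE email = ?", (email,)).fetchall()

def make_db():
    # Constructed sample accounts in an in-memory database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (email TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    register(db, "alice@example.edu", "correct horse battery staple")
    register(db, "bob@example.edu", "another long passphrase")
    return db

if __name__ == "__main__":
    db = make_db()
    probe = "nobody' OR '1'='1"  # constructed test input
    print("concatenated :", find_user_concat(db, probe))
    print("parameterized:", find_user_param(db, probe))
```
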

We will keep you updated on this developing, breaking story.


About the author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.
