UPDATE: A security expert who has reviewed the data says that “the data looks legit.” Still no confirmation from any of the supposedly effected parties, but I’ll update as more comes in.
A hacking group has gone public with a list of 1.6 million accounts it says it has compromised, as well as claiming that it has access to “vulnerable” servers at the Pentagon, DHS, and a variety of DoD contractors. [Tip of the hat to The Verge for picking up on this] Several experts I consulted, however, said that there appear to be a number of oddities about the release that suggest the claims may not be true. More after the break.
The group, which calls itself Team Ghost Shell, released an annual report of sorts highlighting its alleged hacking activity as part of operation White Fox. In the release the group claims to have accessed accounts associated with the following entities (partial list):
- General Dynamics Defense Systems
- The European Space Agency
- NASA’s Engineers: Center for Advanced Engineering
- Crestwood Technology Group
- Bigelow Aerospace
- California Manufacturers & Technology Association
The group is also claiming that it has found vulnerable servers at:
- The Pentagon
- Federal Reserve
- Intelligence firms
- L-3 CyberSecurity
A pentagon spokesman wouldn’t comment on the claims, citing policy, nor would a company spokesman for one of the named contractors. However, the people I’ve contacted are viewing these claims skeptically, and several oddities have emerged. For instance, L-3 CyberSecurity is neither a company nor a division of L-3.
Also (WARNING, I’M NOT A COMPUTER EXPERT) but the passwords that are posted don’t appear like anything that would ever by used, frequently several dozen random digits.
The groups twitter page bio reads, “Hacktivists of the 21st century. Taking on governments and private corporations is our way of protest. We are all ghosts living inside the shell.”
The posting of the data includes a message from the group that reads something like a Christmas letter slathered in hacker self-satisfaction. It includes:
“#ProjectWhiteFox will conclude this year’s series of attacks by promoting hacktivism worldwide and drawing attention to the freedom of information on the net. For those two factors we have prepared a juicy release of 1.6 million accounts/records from fields such as aerospace, nanotechnology, banking, law, education, government, military, all kinds of wacky companies & corporations working for the department of defense, airlines and more.”
I’ll update this post as more experts get back to me, but for the moment these claims remain unconfirmed.