The hacktivists from Team GhostShell announced an early 'Freedom of Information' Christmas present today after breaking out the holiday hammer and pounding on government agencies like the Pentagon, NASA, ESA, the Federal Reserve and Interpol to name but a few.
Team GhostShell has made quite a name for themselves as a group “taking on governments and private corporations” as a way of protesting and “drawing attention to the freedom of information on the net.”
Along with massive links to data dumps on Pastebin, the group claims to have emailed ICS-CERT Security Operations Center, Homeland Security Information Network, FBI in Washington and Seattle, NASA at Langley and others warning about “another 150 vulnerable servers from the Pentagon, NASA, DHS, Federal Reserve, Intelligence firms, L-3 CyberSecurity, JAXA, etc. consider it an early Christmas present from us.”
In a Pastebin post, the group announced #ProjectWhiteFox:
Kay, let's get this party started! ESA, NASA, Pentagon, Federal Reserve, Interpol, FBI try to keep up from here on out because it's about to get interesting.
Since it's our final stand this year, we've made the call to invite you guys to our event as well. How? Well, how about by starting with the fact that anti-terror agencies have been keeping an eye on us from the beginning. GlobalTerrorAlert you and the rest thought were invisible just because your own websites were set to 'hidden'? Silly kids, if you're on the net, then you can be sure that someone is watching you, no matter how hard you try to hide.
How did we find you? How did we find everyone else? Easy. You're predictable.
The group then linked to a document from Flashpoint Partners that talks about the “number of spectacular attacks” that have been credited to #TeamGhostShell.
Also, "It's not that hard to inject malware in gov's and spy a little," the group wrote and linked to this image:
Numerous corporations and sites from banks to lawyers were also hit in Project WhiteFox. There were about 1.6 million account details leaked from nearly 40 websites with a ton of data ranging from usernames, email addresses, passwords, phone numbers, mailing lists, administrator account information, defense data and other sensitive information. The leak covers “fields such as aerospace, nanotechnology, banking, law, education, government, military, all kinds of wacky companies & corporations working for the department of defense, airlines and more,” they wrote.
The Pastebin post included mirrors that contain the breach information and mention the following:
The European Space Agency; NASA's Engineers: Center for Advanced Engineering; Crestwood Technology Group - CTG123; Bigelow Aerospace; California Manufacturers & Technology Association - CMTA.net; Aerospace Suppliers; World Airport Transfers; General Dynamics Defense Systems - GD-OtsCanada; Zero-Max - Manufacturer of parts; MicroController Shop; JP Chem eData; Apsira + Anac; Ivao Aero; Human Security Gateway; Hamamatsu; NanoConference; Colonial Tool + MobilServ.nl; HMI CronPowder. At the Credit Union National Association - CUNA, the group claims that “over 85 million people are at risk."
Also listed were: Defense Contractor for the Pentagon - DPAtitle3; Business Consultancy dealing mostly with military personnel - Drum Cussac; Among the top 50 attorney offices in the US - Glaser Weil; Institute of makers of explosives – IME; At Your Business; Intelligence firm – Aquilent; Lawyers - Schneider Wallace; Texas Bankers; About PMC; RotherHill Developments; LosAngeles Global Events; CuyahogalandBank; Army UK, SmeHelpLine; Thinkkc; Lexpert; The Texas Education directory for lawyers – Utcle; Global Business – GBN and VSoft.
If you've ever wondered about "DeadMellox," Team GhostShell wrote that he "was a ghost to begin with. Never existed. No, really. Before we created "him", he never exited [sic] on the internet, zero searches on google and all that jazz. Starting to get it now? We used the name afterwards to trackback all mentions of that name all over the place. Well, the whole plan is a bit more complicated than that, part of a bigger story, but let's leave it at that for now."
Although Team GhostShell said this is their last such data dump for 2012, the group mentions something that “should be of great interest to everyone that uses the internet.”
The ITU (International Telecommunication Union) is hosting a meeting right now that may very well decide the fate of how the inet will be managed in the future. Basically the UN may very well give total power to the ITU on how to handle everything.
The initiative for preventing the internet from turning into a governmental police-state has already begun by getting different websites/companies to 'deface' their own site with a message about it and why they're against it. GhostShell is encouraging this phenomenon as well. If you're liking this idea, feel free to do it too, regardless of who you are. Spreading the message and informing people about it is what matters.