Search This Blog

Powered by Blogger.

Blog Archive

Labels

#NullCrew hacks UNESCO Etxea & leaked sensitive data in defacement page

Nullcrew hackers has defaced the Unesco Etxea(unescoetxea.org) and leaked the confidential data.

nullcrew hackers group

One of the famous Hacktivist collective known as Nullcrew, has break into the official website of Unesco Etxea and defaced it.  unescoetxea.org is an internationally oriented NGOs working for the culture of peace, sustainable human development and human rights, at local and global levels.

When we try to visit the site, the hackers welcome us with a message 'welcome to the new front page of unescoetxea'. In the defacement page, a youtube video 'Ice Cube - Everything's Corrupt' is being played.

"You have been targeted by NullCrew, as part of the FuckTheSystem movement.
We have began the war, once again; but this time, good-luck even coming close to winning." The defacement message reads.

"The united nations, just a bunch of corrupt nations; united by one source of power.. And for that reason, we have came back; to repete the process.
Enjoy the candy."

Hackers has published some data compromised from the server in the defacement page itself.  The data includes directory and file names, wordpress configuration and Blog user credentials.

The data provided in the 'wordpress config' section contains the database name, username and the database password as well as the DB Host address.

In the 'blog user credentials' section,  there are only two entries that contain the username, password and email address.

At the time of preparing the news report, the website still displays the defacement page. The attack was announced via twitter about 19 hours ago. It seems like the admin is struggling to restore the site or not aware of the hack?!

Yesterday, they have also hacked into the official website of UK ministry of Defence via simple SQL injection vulnerability and dumped the data. 
Share it:

Defaced Website

Hackers News

NullCrew