Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label NullCrew. Show all posts

Alleged "NullCrew" Hacker arrested by FBI

FBI has arrested a 20-year-old Tennessee man for allegedly conspiring to launch cyber attacks on a number of businesses and educational organizations.

Timothy Justin French, known online as 'Orbit', is believed to be part of the famous hacking group "NullCrew".  The group is best known for its hacking attacks against World Health Organization and PBS.  Earlier this year, the group also hacked into Bell Canada website.

According to the DOJ, the FBI with the help of 'confidential witness' approached members of the Nullcrew Team on Skype, Twitter and CryptoCat.

After gaining their trust, Fed's inside man engaged them in conversations that includes discussions on past,present and future attacks and their hacking techniques.

The FBI used the information gathered by witness to track the IP address of one of the computers used in some of the NullCrew attacks.

"The computer hacking charge in this case carries a maximum sentence of 10 years in prison and a $250,000 fine. If convicted, the court must impose a reasonable sentence under federal statutes and the advisory United States Sentencing Guidelines."

Bell Canada website hacked with POST-based SQL Injection vulnerability

Few days back, Nullcrew hackers hacked into Bell Canada website and leaked thousands of customer data.

Bell Canada confirmed Sunday that usernames and passwords of 22,421 and five valid credit card numbers have been leaked by hackers.  However, the organization points finger at Third-party saying the leak "results from illegal hacking of an Ottawa-based third-party supplier's information technology system".

Bell claims its own network wasn't affected by this breach.  Bell has disabled all passwords and notifying all affected users.  They are currently working with law enforcement and government security officials to investigate the matter.

"Quite a laughable claim, Bell actually knows of the breach, they knew the vulnerable section of the website for two weeks."In a response to the Bell's claim, hackers said in their twitter account.

The screenshot provided to DataBreaches shows that the hackers had a chat with Bell Support team.

Nullcrew chatting with Bell support team

Hackers said a POST based SQL Injection vulnerability resides in the password recovery page of Bell's sub-domain( https://protectionmanagement.bell.ca/passwordrecovery_1.asp)

Post-based SQL Injection in Bell Canada

Nullcrew hackers claims to have hacked Bell Canada

The Nullcrew Team is back! After several months, the group returned with a new database leak.  They claimed to have hacked into the Bell Canada website(www.bell.ca) and compromised the database server.

Just few hours before, the group published a link to leak(http://nullcrew.org/bell.txt).  The leak contains thousands of usernames,email addresses and plain-text passwords and even some credit card data.

"Go f****g figure, people who are suppose to provide secure connection to the internet?.. They can't secure themselves, and with that said?" Hackers wrote next to the leak.

"Successful day hacking internet service providers is successful. #NullCrew" Tweet posted by hackers on Jan 14 reads.

It appears the group also had a talk with Bell support team.

"We'd like to give a shout-out to the beautiful people over at twitter.com/Bell_Support.  First of all, asking a hacker their providence made all of us lolololol!" The group said.

Redenet.edu.br & University of Neoliberal Arts hacked by NullCrew

 

The hacker group Nullcrew is back with few University websites' security breaches.  Today, we have received a notification from the group saying they have hacked into the website belong to University of Neoliberal Arts.

The group provided us a link to the database leak of the hacked site : pastebin.com/Az4tqvPQ .  The leak contains the email address, password, name, address and Phone number details.

"To show our support of Anonymous" The hacker group stated as reason for the security breach.  According to the hacker's statement, the hacker exploited a SQL Injection vulnerability to compromise the database.

The crew also hacked into the Institute of Brazil website(redenet.edu.br).  They announced the security breach in their Twitter account: pastebin.com/a7Mt8f95

The leak contains email address, names, contact numbers.  It also includes more than 10 login id and password credentials. 

Nullcrew hackers deface Time Warner cable website


The hacker from Nullcrew hacktivists has managed to breach the Time Warner's support page - An American cable telecommunications company.

The hackers announced that attack in Twitter "We hacked Time Warner Cable, due to them attempting to participate in the six strikes. supportcenter.timewarnercable.com:8888/sdcxuser/".

They defaced the site with a gorilla picture. In the defacement page, the hackers leaked the database details, username, passwords, SSL Keys file password.

The hacktivist criticize the password used by admin,  they are using the very simple password "changeme".

At the time of writing, the website has been taken down by the admin, you can see the mirror of the defacement here: http://www.freezepage.com/1362546977OFVSJKBYGE

E Hacking News Interview with The hacker group NullCrew


Today, EHN had an interview with the hacktivist group NullCrew who recently leaked the data from UN Wasatch and Wisconsin University site.  

In the past , the group breached the World Health Organization(Who) , PBS, UNESCO Etxea , Ford, DHS's Study in the States and Sharp Electronics UK, University of North Carolina , Yale University, South Africa's Leading ISP Directory site and more sites.


Why did you attack those sites?

These servers are a part of the system, a system which is ran by corrupt rich assholes. They mostly use their money for themself,

No donations to the people who need the money, and if they do; it's just so people look at them in a kinder way, only for publicity.

Wasatch is a partner of Microsoft, ran by Bill Gates; it was to target them as part of the system, their under the table dealings. The way they treat employees, take full credit for certian things.

The United Nations attack, mainly because the UN is all Nations together. And all nations are corrupt, wheather the people see it or not; that is something we wish to stop. Those are the reasons.

wisc.edu Became a target when they commited Animal Cruelty.

What kind of method you used?

The methods we're all SQL injection of different techniques. WasatchIT and Software were on a shared host, two of the websites hosted. On the server contained SQL injection, and in the databases displayed WasatchIT and WasatchSoftware.


We exploited [wisc.edu] via b-sqli. UN.org had a MSSQLi behind A WAF, which we had to bypass to gain access to the databases, and data its self.

What is your Next target?
Our next big release will be on Febuary 14th, yes, yes; VALENTINES DAY! It'll be the official release of #FuckTheSystem valentines day, and one target I will tell you is the pentagon.

But our next single release will be a multipul target release, on United States government servers; retaliating against #OperationFastAndFurious. How many more need to die, from weapons the government is putting into criminal's hands?

What is your ultimate goal? What do you hope to achieve by hacking these websites ?
Our ultimate goal, is to make the people of the system stand and revolt; and to prove that #FuckTheSystem is not a joke.  For people to finally live without fear, to be able to bring others into the world without fear.
 
Have you seen any results after your campaigns?
After our Unescoetxa defacment, with the song everything is corrupt; there were comments upon comments from people posting #FuckTheSystem from whatever country they lived in. So yes, we have seen results.

How many websites did you hack so far?
To be honest, atleast 150+ We've outlived most groups, and been highly active.


United Nations , Wasatch and Wisconsin University data leaked by Nullcrew

The NullCrew hacktivist come with third zine as part of their operation called "Fu**TheSystem". Hackers claimed to have compromised data from the United Nations website(UN.org), Microsoft Partner Wasatch(Wasatchit.com) and Wisconsin Universety.

"We here at NullCrew believe in non-censorship, and have noticed something. We have noticed that the government will never change their ways, they simply refuse to. No matter how much violence they cause, no matter how many times they refuse to admit their wrongs. No matter how many times they have denied documents for being factual. Even better, they REFUSE TO LET THEIR PEOPLE BE FREE! " The hacker said .

" America, you have been a primary target for activists, and hacktivists alike.

The true freedom fighters whom prove you wrong, you censor us; lock us away in prisons. You take away our freedom of speech, if the world relied on things such as free-source. The world would be a less corrupt place. Sadly, that won't happen anytime soon; as long as people from the system are greedy!"

The database leaked from UN contains username, passwords and IP addresses of users.

The Wasatch dump contains username, password and email address details. Wordpress users and Passwords were included. The dump also contains database details of Wisconsin University.

The leak:
http://pastebin.com/CcUJf8Hx

DHS’s Study in the States and Sharp Electronics UK hacked by Nullcrew


Few months after they have been quiet, the hacker group Nullcrew have returned with interesting hack.  They claimed to have breached the "Study in the States", a subdomain of US Department of Homeland Security (studyinthestates.dhs.gov).


The hacker group published some data compromised from the sever includes Database Host, user, password and database Name. The hackers compromised these details when they are managed to access the Wp-config.php file. 

In the pastebin, they have also leaked the exact location and full source code of wordpress configuration file.

Today, they have also hacked into the official website of Sharp Electronics UK and leaked the entire MySQL Dump.

http://pastesite.com/87220

#NullCrew hacks UNESCO Etxea & leaked sensitive data in defacement page


nullcrew hackers group

One of the famous Hacktivist collective known as Nullcrew, has break into the official website of Unesco Etxea and defaced it.  unescoetxea.org is an internationally oriented NGOs working for the culture of peace, sustainable human development and human rights, at local and global levels.

When we try to visit the site, the hackers welcome us with a message 'welcome to the new front page of unescoetxea'. In the defacement page, a youtube video 'Ice Cube - Everything's Corrupt' is being played.

"You have been targeted by NullCrew, as part of the FuckTheSystem movement.
We have began the war, once again; but this time, good-luck even coming close to winning." The defacement message reads.

"The united nations, just a bunch of corrupt nations; united by one source of power.. And for that reason, we have came back; to repete the process.
Enjoy the candy."

Hackers has published some data compromised from the server in the defacement page itself.  The data includes directory and file names, wordpress configuration and Blog user credentials.

The data provided in the 'wordpress config' section contains the database name, username and the database password as well as the DB Host address.

In the 'blog user credentials' section,  there are only two entries that contain the username, password and email address.

At the time of preparing the news report, the website still displays the defacement page. The attack was announced via twitter about 19 hours ago. It seems like the admin is struggling to restore the site or not aware of the hack?!

Yesterday, they have also hacked into the official website of UK ministry of Defence via simple SQL injection vulnerability and dumped the data. 

U.K Ministry of Defence Hacked by Nullcrew

The famous hacker group Nullcrew hacked the U.K Ministry of Defence
and leaked the details in pastebin. The attack was targeted earlier
today, announced in twitter.

"We should have thedatabase from the UK Ministry of Defense (mod.uk)
up tonight for you guys. #NullCrew #FuckTheSystem #Nov5" Tweet reads.

"UK Ministry of Defence will be dumped in a coupleof minutes.
Prepareyourselves."

After posting the above tweet, hackers posted the link to dump.
http://pastebin.com/vRFPQkzR

"Your webmaster made a terrible mistake... You may criticize us on the
simplicity ofthe vulnerability. But if you can get so much useful data
so easily, why wouldn't you? We hope that all governments and
organizations realize that#FuckTheSystem is definitely not a joke. We
hope that you have the decency to grasp theconcept of it. But hey...
You're the government right... Just some butthurt little fags. This
security just proves how much of a joke our governments are." the
hackers said in the paste.

According to hackers' report , they've have breached the site by
exploiting the SQL injection vulnerability.

The leak contains server , database details. It also contains login
credentials including user, password and email address.

Ford.com hacked and database leaked by #Nullcrew


database leak

After the release of government database, Nullcrew once again targeted a high profile website.  They hacked into the official website Ford Motor Company.

According to hacker's statement , they have discovered an Error Based SQL Injection vulnerability in the social.ford.com.  By exploiting this vulnerability, they gained accessed to the Database.

The dump contains more than 20 username and encrypted passwords along with a link to the login page. It also contains some database details including table name.

http://pastebin.com/UKNw202z

Government and Military websites hacked by #Nullcrew


The few days after the announcement of their operation  called as "#FuckTheSystem", Nullcrew has hacked into government sites and leaked database.

"#FuckTheSystem Zine Released:  http://pastebin.com/raw.php?i=MHzT9mQf #Anonymous @EHackerNews @EduardKovacs @AnonOpsSweden @AnonOpsLegion  " Today, hackers posted the dump link in the Twitter.

The hacked sites includes Montana's Official State Website(mt.gov), Force Health Protection & Readiness(fhpr.osd.mil), The official website of the State of Louisiana(la.gov), The Official Website of the State of Texas (www.texas.gov), United Nations (un.org)

The database belong mt.gov contains 7000 full names and password has been leaked.

According to hacker statement, the Montana site has vulnerability that leads to disclosure of all files on the server. Also they have stated that it contains Boolean-blind base SQL Injection vulnerability.

The dump belong to unesco.org contains username and password in plain text format. More than 30 username, hashed password belong to Texas.gov has been leaked.

At the end of zine, they have pasted more than 2000 email address, username, password belong to the fhpr.osd.mil

The official statement of NullCrew reads:
We here at NullCrew believe in non-censorship, and have noticed something. We have noticed that the government will never change their ways, they simply refuse to.

No matter how much violence they cause, no matter how many times they refuse to admit their wrongs. No matter how many times they have denied documents for being factual.

 Even better, they REFUSE TO LET THEIR PEOPLE BE FREE! America, you have been a primary target for activists, and hacktivists alike.

The true freedom fighters whom prove you wrong, you censor us; lock us away in prisons.  You take away our freedom of speech, if the world relied on things such as free-source.. The world would be a less corrupt place.

 Sadly, that won't happen anytime soon; as long as people from the system are greedy! Everyone shout: #  Let us be free!

#FuckTheSystem : An operation against corrupt governments ,says Nullcrew

Nullcrew hackers

One of the famous Hacker group , Nullcrew, has declared a new operation called "#FuckTheSystem" that targets corrupt governess and agencies.

"For so long, we have been abused by our own people, who do not deserve any more power than us. We are all people, we are all human... And we deserve to be treated like proper humans. No more physical, financial abuse from these organizations and governments. It's time to UNITE TOGETHER as people. As people fighting for what we truly believe in; freedom." The hacker group said in the statement.


You do not need to be in NullCrew, Anonymous, or any official hacktivist/activist group. You don't need any knowledge with technology. There are other ways to fight. Protests, Articles, Video footage. By participating in any of those, you make all of us one step closer to being free... Once and for all. It's time to show our government, that we will NOT tolerate this abuse, that we are SICK of this.

NullCrew urges those who live in outside of U.S to provide information about the government that abuses their own people.

"NullCrew is kicking off this huge INTERNATIONAL operation, with attacks on the U.S Military, and also several of the States such as Montana and Texas (more as well)."

Orange.co.uk hacked and Database leaked by Nullcrew


Nullcrew, The hacker group known for dumping the database belong to high profile sites, once again hacked a high profile sites.  They hacked into the official website of Orange, a mobile network operator and internet service provider in the United Kingdom

Orange UK has over 17 million customers through its mobile and broadband services.

They have dumped the database in two separate pastes.  The first one has the all tables, databases, and columns details. The second one contains more sensitive information including username, password, and email address.


"Now, we're giving you the only actual interesting data that came from the server. Enjoy, make sure you spam these govt and corp emails that were in the server as well!" The Hackers said in the paste.

XSS vulnerability found in MasterCard site by nullcrew

The well-known hacker group NullCrew has discovered a non-persistent Cross Site scripting(XSS) vulnerability in official website of MasterCard. The subdomain "Mobile Payments Readiness(mobilereadiness.mastercard.com) found to be vulnerable to XSS attack.

http://mobilereadiness.mastercard.com/country-comparisons/index.php?c1=sg"><script>alert("NullCrew")</script>

Usually , the Non-persistent or reflected XSS are considered as low risk.  Even thought the risk level is estimated as low, the attackers can steal user accounts by social engineering attack.
 
For instance , A hacker can redirect victim to malicious or phishing sites by injecting redirection script in the url.  I have tested the redirection script,Successfully it redirects me to another site.

The above script redirects to google. An attacker can send the crafted-link and lure users into believe they are visiting legitimate master card site. But, in fact, they are being redirected to malicious site. 


NullCrew has also discovered XSS vulnerability on the Department of Homeland Security.

Sony's mobile website hacked and data leaked by Nullcrew


Once again, Sony is being targeted by hackers; This time, The Hacker group "NullCrew" has hacked into the official website of Sony's mobile websites.

Hackers compromised the database belong to www.sonymobile.com and dumped into the pastebin. The leak contains sensitive data including username, passwords,email address.

Even though the passwords are in encrypted form(md5), it won't take much time for hackers to crack the passwords. 

"Sony, we are dearly dissapointed in your security.This is just one of eight sony servers that we have control of. Maybe, just maybe considering IP addresses are avaliable. " Hacker said in the paste.

"Maybe, just maybe it's the fact that not even your customers can trust you. Or maybe, just maybe the fact that you can not do anything correct technologically."

NullCrew become busy in dumping the database belong to high profile sites. Recently, they hacked Cambodia Government websites as part of the operation called "OpTPB".  Here is the list of websites hacked by Nullcrew so far.

#OpTPB: Cambodia Government websites Hacked by NullCrew


The NullCrew have decided to target Military, Education and Governmental systems of the country of Cambodia, After the founder of The Pirate Bay(thepiratebay.se) arrested in cambodia.

"Recently the co-founder of Piratebay was arrested in Cambodia, this seems like the megaupload case." The Hacker Said in the paste.

" As long as the government attempts to censor, then there will be more of this; what happened to 'Freedom.' It is angering, whenever they won't allow us the slightest bit of freedom on the internet, taking all we care for."

"So that is why #OpTPB has come to be, they should have expected it when they did this. Cambodia, we will not stop until you come to your sences.And now, for the leaks!"

They have started the operation "#OpTPB" by hacking the compromising the database belong to General Department of Taxation Cambodia(tax.gov.kh). They have leaked the user name and password details in the paste. Passwords are in plain text.

The leak also contains the user name ,password data belong to Ministry of Public Works and Transport(mpwt.gov.kh) and Institute Of Standards Cambodia(Isc.gov.kh).

The have also hacked the Cambodian army and leaked the user name ,email address and hashed password.

Canadian News site, CBC.ca hacked by NullCrew


The Hacker group NullCrew, known for dumping the database of high profile sites, have managed to compromise the database belong to Canada's National News Website.

CBC.ca is Canada's Online Information Source. Comprehensive web site for news, entertainment, sports, business, and a complete guide to CBC-TV, CBC Radio and CBC News Network.

"This hack is not for an operation, or anything else. I contacted them about a vulnerability I discovered on their server. They completely ignored it. I tweeted as a warning, and still nothing."Hacker said in the Pastebin release. "So now in return for their pathetic ignorance, the databases are released."

The leak contains username, hashed passwords and email address. It also contains Database details including database name and list of tables. Hacker specified the SQLi vulnerable link  in the paste.

OpFreeAssange :Nullcrew hack more websites

The Hacker group NullCrew continue to show their support for Operation Free Assange by breaching into number of high profile sites.

Yesterday, they hacked into the following sites:
  • www.africacollege.leeds.ac.uk
  • data.gov.uk
They have compromised the database from those sites and leaked in separte pastes.  The leak contains database details, email address, password hashes and usernames.

The only statement they posted next to the data dump was a quote from the founder of WikiLeaks: Intelligence agencies keep things secret because they often violate the rule of law or of good behavior.

This isn’t the only website allegedly penetrated by NullCrew in support for Assange. They also claim to have breached lada-auto.ru – a website dedicated to Lada, the trademark vehicle of Russian car manufacturer AutoVAZ.

Meanwhile , a hacker reffered as 0x00x00, who is not affilated with Nullcrew, claimed that he hacked the following sites as part of the OpFreeAssange:
  • www.history.knowsley.gov.uk
  • www.nag.co.uk
  • www.dlink.co.uk
  • www.mcc.ac.uk
  • www.tex.ac.uk
  • www.sanger.ac.uk
  • www.gsfc.nasa.gov
  • www.navy.mil
  • www.washington.edu

#OpIsrael: 500+ Israeli Forum Users dumped by NullCrew


The hacker group known as NullCrew and manst0rm have discovered vulnerabilities in multiple sites and extract database of those sites.

The hacker claimed that he got access to 21,000 Users, Passwords, First names, Last names, Phone Numbers, Locations, and more. But they have dumped a couple of Usernames and Passwords.The passwords are in plain text.

"Greetings everyone. For for too long, Palestine has been suffering by the hands of Israel. This is not just an operation within NullCrew, this is an operation that everyone needs to support, and attack in order for it to go successfully. People are dying, and this is our only way of showing Israel that it must end." Hacker said in the Pastebin leak.

In the pastebin leak, hackers also provide the vulnerability details of some sites and how to exploit the vulnerability.

"Believe us when we say this; it's not the end. This is a quick prep-attack for us to get started on the attack." Hackers said.