Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label NullCrew. Show all posts
NullCrew
Hackers Arrested Hacking News NullCrew

Alleged "NullCrew" Hacker arrested by FBI

FBI has arrested a 20-year-old Tennessee man for allegedly conspiring to launch cyber attacks on a number of businesses and educational organizations.

Timothy Justin French, known online as 'Orbit', is believed to be part of the famous hacking group "NullCrew".  The group is best known for its hacking attacks against World Health Organization and PBS.  Earlier this year, the group also hacked into Bell Canada website.

According to the DOJ, the FBI with the help of 'confidential witness' approached members of the Nullcrew Team on Skype, Twitter and CryptoCat.

After gaining their trust, Fed's inside man engaged them in conversations that includes discussions on past,present and future attacks and their hacking techniques.

The FBI used the information gathered by witness to track the IP address of one of the computers used in some of the NullCrew attacks.

"The computer hacking charge in this case carries a maximum sentence of 10 years in prison and a $250,000 fine. If convicted, the court must impose a reasonable sentence under federal statutes and the advisory United States Sentencing Guidelines."
Read more »
SQL Injection
Data Breach Database Leaked Hacking News NullCrew SQL Injection

Bell Canada website hacked with POST-based SQL Injection vulnerability

Few days back, Nullcrew hackers hacked into Bell Canada website and leaked thousands of customer data.

Bell Canada confirmed Sunday that usernames and passwords of 22,421 and five valid credit card numbers have been leaked by hackers.  However, the organization points finger at Third-party saying the leak "results from illegal hacking of an Ottawa-based third-party supplier's information technology system".

Bell claims its own network wasn't affected by this breach.  Bell has disabled all passwords and notifying all affected users.  They are currently working with law enforcement and government security officials to investigate the matter.

"Quite a laughable claim, Bell actually knows of the breach, they knew the vulnerable section of the website for two weeks."In a response to the Bell's claim, hackers said in their twitter account.

The screenshot provided to DataBreaches shows that the hackers had a chat with Bell Support team.

Nullcrew chatting with Bell support team

Hackers said a POST based SQL Injection vulnerability resides in the password recovery page of Bell's sub-domain( https://protectionmanagement.bell.ca/passwordrecovery_1.asp)

Post-based SQL Injection in Bell Canada
Read more »
NullCrew
Data Breach Database Leaked Hacking News NullCrew

Nullcrew hackers claims to have hacked Bell Canada

The Nullcrew Team is back! After several months, the group returned with a new database leak.  They claimed to have hacked into the Bell Canada website(www.bell.ca) and compromised the database server.

Just few hours before, the group published a link to leak(http://nullcrew.org/bell.txt).  The leak contains thousands of usernames,email addresses and plain-text passwords and even some credit card data.

"Go f****g figure, people who are suppose to provide secure connection to the internet?.. They can't secure themselves, and with that said?" Hackers wrote next to the leak.

"Successful day hacking internet service providers is successful. #NullCrew" Tweet posted by hackers on Jan 14 reads.

It appears the group also had a talk with Bell support team.

"We'd like to give a shout-out to the beautiful people over at twitter.com/Bell_Support.  First of all, asking a hacker their providence made all of us lolololol!" The group said.
Read more »
NullCrew
Database Leaked hacker news NullCrew

Redenet.edu.br & University of Neoliberal Arts hacked by NullCrew

 

The hacker group Nullcrew is back with few University websites' security breaches.  Today, we have received a notification from the group saying they have hacked into the website belong to University of Neoliberal Arts.

The group provided us a link to the database leak of the hacked site : pastebin.com/Az4tqvPQ .  The leak contains the email address, password, name, address and Phone number details.

"To show our support of Anonymous" The hacker group stated as reason for the security breach.  According to the hacker's statement, the hacker exploited a SQL Injection vulnerability to compromise the database.

The crew also hacked into the Institute of Brazil website(redenet.edu.br).  They announced the security breach in their Twitter account: pastebin.com/a7Mt8f95

The leak contains email address, names, contact numbers.  It also includes more than 10 login id and password credentials. 
Read more »
NullCrew
Cyber Attacks Cyber Security News Defaced Website hacker news NullCrew

Nullcrew hackers deface Time Warner cable website


The hacker from Nullcrew hacktivists has managed to breach the Time Warner's support page - An American cable telecommunications company.

The hackers announced that attack in Twitter "We hacked Time Warner Cable, due to them attempting to participate in the six strikes. supportcenter.timewarnercable.com:8888/sdcxuser/".

They defaced the site with a gorilla picture. In the defacement page, the hackers leaked the database details, username, passwords, SSL Keys file password.

The hacktivist criticize the password used by admin,  they are using the very simple password "changeme".

At the time of writing, the website has been taken down by the admin, you can see the mirror of the defacement here: http://www.freezepage.com/1362546977OFVSJKBYGE
Read more »
NullCrew
hackers group Interview with hacker Interviews NullCrew

E Hacking News Interview with The hacker group NullCrew


Today, EHN had an interview with the hacktivist group NullCrew who recently leaked the data from UN Wasatch and Wisconsin University site.  

In the past , the group breached the World Health Organization(Who) , PBS, UNESCO Etxea , Ford, DHS's Study in the States and Sharp Electronics UK, University of North Carolina , Yale University, South Africa's Leading ISP Directory site and more sites.


Why did you attack those sites?

These servers are a part of the system, a system which is ran by corrupt rich assholes. They mostly use their money for themself,

No donations to the people who need the money, and if they do; it's just so people look at them in a kinder way, only for publicity.

Wasatch is a partner of Microsoft, ran by Bill Gates; it was to target them as part of the system, their under the table dealings. The way they treat employees, take full credit for certian things.

The United Nations attack, mainly because the UN is all Nations together. And all nations are corrupt, wheather the people see it or not; that is something we wish to stop. Those are the reasons.

wisc.edu Became a target when they commited Animal Cruelty.

 What kind of method you used?

The methods we're all SQL injection of different techniques. WasatchIT and Software were on a shared host, two of the websites hosted. On the server contained SQL injection, and in the databases displayed WasatchIT and WasatchSoftware.


We exploited [wisc.edu] via b-sqli. UN.org had a MSSQLi behind A WAF, which we had to bypass to gain access to the databases, and data its self.

What is your Next target?
Our next big release will be on Febuary 14th, yes, yes; VALENTINES DAY! It'll be the official release of #FuckTheSystem valentines day, and one target I will tell you is the pentagon.

But our next single release will be a multipul target release, on United States government servers; retaliating against #OperationFastAndFurious. How many more need to die, from weapons the government is putting into criminal's hands?

What is your ultimate goal? What do you hope to achieve by hacking these websites ?
Our ultimate goal, is to make the people of the system stand and revolt; and to prove that #FuckTheSystem is not a joke.  For people to finally live without fear, to be able to bring others into the world without fear.
 
Have you seen any results after your campaigns?
After our Unescoetxa defacment, with the song everything is corrupt; there were comments upon comments from people posting #FuckTheSystem from whatever country they lived in. So yes, we have seen results.

How many websites did you hack so far?
To be honest, atleast 150+ We've outlived most groups, and been highly active.


Read more »
NullCrew
Database hacked Database Leaked Hacktivists NullCrew

United Nations , Wasatch and Wisconsin University data leaked by Nullcrew

The NullCrew hacktivist come with third zine as part of their operation called "Fu**TheSystem". Hackers claimed to have compromised data from the United Nations website(UN.org), Microsoft Partner Wasatch(Wasatchit.com) and Wisconsin Universety.

"We here at NullCrew believe in non-censorship, and have noticed something. We have noticed that the government will never change their ways, they simply refuse to. No matter how much violence they cause, no matter how many times they refuse to admit their wrongs. No matter how many times they have denied documents for being factual. Even better, they REFUSE TO LET THEIR PEOPLE BE FREE! " The hacker said .

" America, you have been a primary target for activists, and hacktivists alike.

The true freedom fighters whom prove you wrong, you censor us; lock us away in prisons. You take away our freedom of speech, if the world relied on things such as free-source. The world would be a less corrupt place. Sadly, that won't happen anytime soon; as long as people from the system are greedy!"

The database leaked from UN contains username, passwords and IP addresses of users.

The Wasatch dump contains username, password and email address details. Wordpress users and Passwords were included. The dump also contains database details of Wisconsin University.

The leak:
http://pastebin.com/CcUJf8Hx
Read more »
NullCrew
Database hacked Database Leaked IT Security News NullCrew

DHS’s Study in the States and Sharp Electronics UK hacked by Nullcrew


Few months after they have been quiet, the hacker group Nullcrew have returned with interesting hack.  They claimed to have breached the "Study in the States", a subdomain of US Department of Homeland Security (studyinthestates.dhs.gov).


The hacker group published some data compromised from the sever includes Database Host, user, password and database Name. The hackers compromised these details when they are managed to access the Wp-config.php file. 

In the pastebin, they have also leaked the exact location and full source code of wordpress configuration file.

Today, they have also hacked into the official website of Sharp Electronics UK and leaked the entire MySQL Dump.

http://pastesite.com/87220
Read more »
Subscribe to: Posts (Atom)