3
2012
Team GhostShell #ProjectDragonFly
An article by connection
The last time I blogged about Team GhostShell was to talk about the eponymously named #ProjectGhostShell (read more here ). It seems that Team GhostShell is back with one helluva kickoff to #ProjectDragonFly. More information after the fold.
#Backstage of #ProjectDragonFly and #ProjectGhostShell. A short description on what hackers can expect from chinese domains, when breaching them and how “dangerous” or “difficult” they truly are. This current leak will also contain 200.000+ accounts, like usernames, passwords, emails, phone numbers, addresses, zip codes, ICQ’s, ID’s, paypal accounts (etc.) and 300.000+ records, time, dates, locations, names, validation keys, ip’s (etc.). Two targets were confirmed as re-hacked. One of them is find2trade, which was originally in our point of range due to the fact that most people in there that did any sort of “business” were in fact chinese. The second one is the rating agency Fitch, the branch from China. Their data was stolen before, we managed to find other vulnerabilities within their site and it was posted alongside all of their passwords on that server. The main focus on this leak for Project DragonFly were new data on medium size/average companies, institutions, research labs, banks, airports, hospitals, forex, news site’s, EDU site’s and many more. This time, Taiwan had a big role to play in all of this, being targeted as well. An example from each side: TOPSHIP CHEMICAL CO.,LTD. founded in October, 1998, is a privately-owned joint stock company with registered capital of 156 million RMB. Alchip Technologies, Inc., headquartered in Taipei, Taiwan, is a provider of silicon design and manufacturing services for companies developing complex and high-volume system-on-chip (SoC) designs. Project GhostShell reached out to provide similar leaks, like banks, airports, hospitals (or better yet healthcare website/s), government site’s, forex trading, companies, corporations, news site’s, architecs archives, the russian mafia, technology, and so on. The backstage of this current leak, end’s with a list of vulnerable xss site’s, like CNN, AOL, Puma, Peugeot, ICQ, Tudou but also others. Screenshot’s were uploaded as proof. Two of them have their links censored since the attacks were done via open source code, the rest have been shown completely exposed just to prove how insecure and easy it is to target them. And finally, a list with other vulnerable site’s/server’s was provided, just like last time. This list is composed of places that I didn’t have time to breach, or some of them have already been and in reply they have been leaked here.
For the full document head over to private paste
