The hacker group known as GhostShell has taken responsibility for the alleged release of millions of personal records from the CIA, Wall Street, and other government agencies.
The group claims to have released the data in collaboration with groups MidasBank and OphiusLab. Security firm Imperva has verified that at least 30,000 account have been compromised in what is being called Project HellFire. The hacked information include “usernames, passwords, email addresses and the real names of account holders,” ZDNet reported.
The following message was posted by GhostShell on Pastebin following the attack.
“Team GhostShell's final form of protest this summer against the banks, politicians and for all the fallen hackers this year. One million accounts/records leaked. We are also letting everyone know that more releases, collaborations with Anonymous and other, plus two more projects are still scheduled for this fall and winter. It's only the beginning."
The attacks were carried out by using a SQL injection technique that tricks “a server into handing over restricted information,” ZDNet added.
And if Project HellFire wasn’t enough, self-proclaimed GhostShell leader DeadMellox challenged hackers via Twitter to break into Chinese databases using three different access points. GhostShell claims this includes “more than 100 billion databases from a mainframe at an unnamed U.S. stock exchange mainframe; and access points to three or four Department of Homeland Security servers,” CNET reported.
These latest hacks cap off a busy summer for GhostShell. In early June, the hacktivists took responsibility for allegedly hacking 800,000 Chinese government records in an operation called #ProjectDragonFly.
While the U.S. government has yet to break its silence regarding the attacks, Rob Rachwald, director of security strategy at Imperva, told CNET that Project HellFire could be the real deal.
“It's hard to say with precision just how much (data was stolen), but you can say this is a pretty significant breach," he said.
Photo via Twitter