Hacks and Incidents

60,000 Personal Credentials Leaked From Syrian Sites

60,000 Personal Credentials Leaked From Syrian Sites: Today a hacker from the European Cyber Army going by the handle @Zer0Pwn has announced a leak of data from two syrian based websites job.sy, realestate.sy.

The leak which is titled “ECA vs. Assad | Part 1″ was posted to pastebin with a preview of some of the users data and a link to sendspace. The attack is apart of a bigger operation that is going on towards what the hackers are claim are pro-assad targets.

The data leak has resulted in over 60,000 Accounts being dumped online and between the two databases are users credentials which have encrypted passwords for job.sy but plaintext for realestate.sy. Both databases have full user details such as full names, contact phone numbers and home addresses. On the march 30th career-sy.com appears to of been breached and posted to pastebin as well with 3 administrator credentials as well as the vuln entry point and link for the control panel login which is located on the job.sy server which career-sy.com redirects to now.

Some attacks by other ECA members have been carried out and posted to twitter by @ECA_Legion with data being leaked from syrianmonster.com, a syrian hosting website, ddos attacks on sites like syria-courts.com, sana.sy and moj.gov.sy. banquecentrale.gov.sy. The leak of data from the realestate.sy database appears to have plaintext passwords to accounts linked to www.scs-net.org which is one of the job.sy official partners to making all three sites linked together or even owned and operated by the same people possibly.

Standard