We have received reports that two important USA government sites have been breached – The FBI portal page and the United States Special Operations Command. To read more about the incidents continue reading.
USA Government Sites Hacked and Leaked
The famous computer hacker CyberZeist has breached the main FBI portal site and has leaked the data on the publicly accessible Pastebin service. The criminal has leaked several FBI accounts that he discovered in several backup files. The data contains account credentials data, including names, SHA-1 encrypted passwords, the relevant SHA-1 salts and the emails.
The actual intrusion happened on December 22 last year when the hacker exploited a zero-day vulnerability in the Plone Content Management System which is used by the portal. The security issue was identified in some of the python modules that are used by Plone. This software is considered one of the most secure systems for setting up various types of sites and is used by many top government agencies worldwide. Other web sites that could potentially be exposed include the Intellectual Property Rights Coordination Center and The European Union Agency for Network Information and Security (ENISA).
According to CyberZeist the FBI has contacted him about the incident. Publicly he revealed some details about the intrusion. He wasn’t able to obtain root privileges however the server powering the Plone CMS was using an old FreeBSD 6.2 operating system which was severely outdated and ran a custom configuration. The administrators of the site have stored backups of the contents on the same server.
According to the hacker the 0-day exploit is currently being on sale on the black market underground. When it is sold to a winning party more information about the intrusion vector will be disclosed.
The other major breach was done by another party against the United States Special Operations Command (USSOCOM). The security reports state that personal details of doctors who are deployed by the command has been exposed due to a security bug. The security researcher Chris Vickery discovered in December that Potomac was running an unprotected remote synchronization service (rync) which was used to expose about 11 gigabytes of sensitive data. The leaked information includes names, locations, social security numbers, salaries and assigned units for the healthcare professionals. Also at least two Special Forces data analysts with Top Secret clearance were also featured in the information leak. A thorough security investigation is undergoing.
Plone Developers Deny USA Government Hack as a Hoax
Developers from the Plone content management systems have analyzed the posted information and screenshots made by the hacker CyberZeist and have claimed that it is a hoax. According to them some of the screenshots are fake while others are not relevant to the hacker’s claims.
The experts believe that the most likely reason for the media attention and the claims is malicious advertising of fake exploits which are posted on sale on the underground black market.
