Tuesday, January 29, 2013

Break Down and Insight into Project Sun Rise African data leak

The following is a deeper insight into all the information and leaked data from Project Sun Rise by Team Ghost Shell.
On the 28th of January 2013 @TeamGhostshell announced another large leak of information from a heap of websites in the latest project by the hacker collective.

Information

The attack has a main release note that contains an operation message with information from an investigation that the hacker collective has been conducting in this operation.
They claim to have linked the business infrastructure of South Africa, which has led to the tracing of activities to other countries.
“After two months of investigations, Team GhostShell has finally managed to fingerprint the entire top business infrastructure of South Africa, tracing some of its activities to other countries across the continent.”
The release statement also makes it clear this project release was not intended to be a big data leak but more so a way of opening doors for others to do independent investigations into the claims made.
“Although this time around, the goal was not to release a large portion of data, we will still provide you with enough non-disclosure accounts and records from a variety of businesses; corporations and governments.”
One of the most interesting parts of this data leak is the announcement of a preview of something to do with the CIA and oil industries in North Africa.
“This project also ended up coinciding with one of our off-scene black operations regarding the oil industries in North Africa. Ties with the CIA have been made inside Angola and as such we’ll release a small teaser about it as well to promote this.”
Another interesting fact is that GhostShell has sent a sort of warning to companies and authorities that are trying to scare companies into removing pastes with leaked information. (see side notes)
“Scaring the owners of these places will only make things worse.”
GhostShell has also provided information for people living in South Africa who may be in crisis. (see help notes)

Facts

The attack has left 23 African-based websites hacked, ranging from retail, postal services and the mining industry to many more.
The leak was posted to pastebin and various other paste sites in a total of 109 parts.
Total of 30,262 accounts with emails detected.
Many of the accounts in the leak do not have related emails or other credentials and some have full personal details.
Mix of plain text and different types of encrypted passwords.
Leak was not released as a big data leak.
Project was carried out in cooperation with @Opsafrica13 & @Anonymous_ZA
Attack is directly related to mining industry in Africa.
The attack took place over a few months and is still ongoing in some aspects.

List of sites affected and what they are:

African Reinsurance Corporation

Site: africa-re.com
Sectors: Oil, Gas, energy, marine/
Info: In 2010, Africa Re called the 4th Capital Increase to bring its paid-up capital to US$ 300 million and its shareholders funds to US$ 600 million by end of 2012. IRB-Brasil Re, the leading reinsurance company in Brazil became a shareholder of Africa Re in 2012.
About: http://www.africa-re.com/EN/aboutus/page/5/corporate-history
Archive: http://ozdc.net/archives.php?aid=4680
Part Files: 1
Data Info: Three databases and database column layout information. Personal details, login credentials and more.
Table 1: 
email,name,surname,tel,tel_mobile 
Table 2: 
active, cat, created, dept, dept_fr, id, location, location_fr, name, orderid, position, position_fr, role, role_fr, src, superior, surname, text, text_fr, title, title_fr, updated
Table 3: 
admin,last_login,name,password,surname,title,user_id,username 
Passwords:
Encrypted

Woolworths Holdings Limited
Site: www.woolworthsholdings.co.za/
Sectors: retail
Info: Woolworths Holdings Limited is a South African-based retail group listed on JSE Limited (“the JSE”).
Archive: http://ozdc.net/archives.php?aid=4681
Part Files: 16
Data Info: System setup and comments information, full personal login credentials and details such as contacts.
Passwords:
Clear Text

Diamond Corporation
Site: diamondcorporation.co.za
Sectors: retail
Info: Diamond Corporation™ is a specialist diamond and retail jewellery enterprise which offers unmatched design, craftsmanship and customer care. DC was founded in 1998 as a specialist diamond cutting company.
Archive: http://ozdc.net/archives.php?aid=4682
Part Files: 1
Data Info: mailing list information.

African Mining
Site: www.africanmining.com
Sectors: Mining
Info: African Mining presents a holistic view of the investable African Mining universe, its participants and service providers.
Archive: http://ozdc.net/archives.php?aid=4683
Part Files: 2
Data Info: Comments and system details, basic user information.

BEE Network
Site: bee-network.co.za
Sectors: Unknown
Info: The most comprehensive database of BEE companies in South Africa
Archive: http://ozdc.net/archives.php?aid=4684
Part Files: 1
Data Info: Comments, basic user login credentials.

Allied Technologies International
Site: alliedti.com
Sectors: Technologies
Info: Allied Technologies International, Inc. provides precision components to all industries that require un-compromised quality and dedication to service
Archive: http://ozdc.net/archives.php?aid=4685
Part Files: 1
Data Info: Invoice logs and basic personal details.

Illovo Boulevard
Site: illovoboulevard.com
Sectors: mixed
Info: The Illovo Boulevard Management District is a mixed-use commercial area bounded by Bompas Road in the south, Harries Road in the north, (Illovo Corporation)
Archive: http://ozdc.net/archives.php?aid=4686
Part Files: 1
Data Info: User login credentials with site related information and emails.
Password:
Plain text

Genesis
Site: genesisib.co.za
Sectors: Insurance
Info: Genesis opened its doors in February 1994, with two staff members. Today our staff totals at 42 with offices in Gauteng, KwaZulu Natal, Cape and Free State.
Archive: http://ozdc.net/archives.php?aid=4687
Part Files: 1
Data Info: Comments, system administration login credentials.
Password:
Encrypted

Omni-ID
Site: omni-id.com
Sectors: Technology
Info: Omni-ID is the leading supplier of low-profile passive RFID tags that are highly accurate in harsh environments due to a proprietary design.
Archive: http://ozdc.net/archives.php?aid=4688
Part Files: 2
Data Info: full database extraction with login credentials, user personal information and site settings.
Password: Encrypted

Ornico
Site: ornico.co.za
Sectors: Marketing
Info: Ornico helps put marketing decision makers in the know about the most important strategic decisions they’ll ever make regarding their brands with a range of monitoring, tracking and analysis solutions used by local and global business leaders.
Archive: http://ozdc.net/archives.php?aid=4689
Part Files: 1
Data Info: site contents for orders.

Moolmans organisation
Site: moolmans.com
Sectors: Mining
Info: The Moolmans organisation, an operating group within The Aveng Group, began open pit mining in the late 1970’s. Today our company is a major force in surface mining in Africa.
Archive: http://ozdc.net/archives.php?aid=4690
Part Files: 1
Data Info: 173 tables listed with a mix of details from different systems on the site that contain a range of user and login credentials.
Password:
Mixed for Tables, Some Clear Text and Some Encrypted.

ENDIAMA E.P
Site: endiama.co.ao
Sectors: Mining
Info: The history of ENDIAMA E.P is intrinsically linked to the beginning of the diamond mining in Africa. This is a secular/century-old trajectory which includes the XIX and XXI centuries.
Archive: http://ozdc.net/archives.php?aid=4691
Part Files: 1
Data Info: Comments

Angola Oilfield Supply Service
Site: angolaoilfield.com
Sectors: Mining
Info: A.O.S.S is an Angolan owned company dedicated to providing quality products to its customers. Angola’s Oil field industries, CIA teaser (spot the 4 obvious databases; vulnerable link has been posted alongside the server layout, retrieve the names, locations and time/dates from db “cia” and trace it back to Washington; the rest we’ll leave as a surprise)
Archive: http://ozdc.net/archives.php?aid=4692
Part Files: 1
Data Info: database layout information only

Express Petroleum
Site: www.expresspetroleum.co.za
Sectors: Petrol and gas.
Info: Express Petroleum cc was established in January, 1994 and is close to 16 years old.
Archive: http://ozdc.net/archives.php?aid=4693
Part Files: 1
Data Info:  database information and two administration details with login credentials.
Password: 
Encrypted

University of the Free State
Site: servicedesk.ufs.ac.za
Sectors: Education
Info: Service desk login for the uni
Archive: http://ozdc.net/archives.php?aid=4694
Part Files: 45
Data Info: Complete database extraction with administration details, user and student details, logs, comment forms and other site based features.
Password:
Encrypted

Westcol
Site: westcol.co.za
Sectors: Education
Info: Westcol is a Further Education & Training (FET) College established within the public frameworks of the South African Departments of Education and Further Education.
Archive: http://ozdc.net/archives.php?aid=4695
Part Files: 1
Data Info:  Database information and full user and administration login credentials.
Password: 
Encrypted

The INC
Site: theinc.co.za
Sectors: Media
Info: The INC is the national sales force for all Independent Newspaper titles. (managing the big RSA newspapers, bought & paid media)
Archive: http://ozdc.net/archives.php?aid=4696
Part Files: 1
Data Info: full staff login logs, credentials and permissions.
Password:
Encrypted

Investoreports
Site: sasolsdr.investoreports.com
Sectors: Investments.
Info: Investoreports.com is the home of financial reports and video interviews
Archive: http://ozdc.net/archives.php?aid=4697
Part Files: 1
Data Info: database information, administration and user login credentials.
Password: Encrypted

N-SOKO - Kenyan Business Directory
Site: tenders.nation.co.ke
Sectors: services
Info: N-SOKO Tenders is a business utility that enables you to receive and manage the latest tender notifications from all over the Eastern Africa region
Archive: http://ozdc.net/archives.php?aid=4698
Part Files: 7
Data Info: database information, user logs and full user login credentials with emails, names, address, contacts and more.
Password:
Encrypted

Algerian Government
Site: www.mta.gov.dz
Sectors: Government
Archive: http://ozdc.net/archives.php?aid=4699
Part Files: 1
Data Info: 1 administration login credential.
Password:
Encrypted

Mail and Guardian online pressoffice
Site: pressoffice.mg.co.za
Sectors: media
Info: Magazine in Africa (PressOffice linked to BidOrBuy, South Africa’s largest online store)
Archive: http://ozdc.net/archives.php?aid=4700
Part Files: 1
Data Info: two databases with basic contact information.

Freight Forwarders
Site: freightforwarders.co.za
Sectors: unknown; the site appears to have malware warnings issued by various sites.
Archive: http://ozdc.net/archives.php?aid=4701
Part Files: 1
Data Info: database information, agent details with contacts, names and further account details. Comment form entries and results, and tracking information.

PostNet
Site: digital.postnet.co.za
Sectors: Media
Info: Digital post shop.
Archive: http://ozdc.net/archives.php?aid=4702
Part Files: 18
Data Info: Complete database extraction from 203 tables. Table data is from site and core setup information, user and administration credentials which contain partial and full personal details such as telephone numbers, address, names, emails. It also contains a heap of company and previous billing and postage information as well as package details and more.
Passwords:
Encrypted

Press Release

In South Africa things have become progressively worse since Mandela stepped down. The gangs have become stronger, bigger, and more ruthless than ever. We rest on our laurels that we are a free nation however all that has happened is the poor have become poorer and the rich have become richer. Companies like Anglo American have decimated our vast natural resources and have paid our local workers next to nothing. As a result of that they have become angry leading to multiple strikes that have crippled our economy. But you must be thinking, strikes mining industries pah! A fast developing country like South Africa should be able to shake that off with all that 1st world investment they are getting! But corrupt politicians from both the ANC and the DA have put the country into a spiralling economic disaster!
Then Wall Street happened which sunk my beloved country into a full on catastrophe. But once again 1st world countries came to our rescue by investing more money into our country which of course all went into building Zumaville which is a whole billion rand enterprise whose goal was to make a whole city in the middle of nowhere based on Zuma’s idea of an ideal city.
Once our corrupt politicians plunged us into a poverty stricken country. Our citizens which were previously poor became so poor that crime was their only chance of survival. So the gangs grew and grew and as the competition for crime grew bigger and bigger they became more ruthless than ever before. They pay no respect to women and children, raping like it’s going out of fashion. This is partly our judicial system’s fault as they do not have a high rate of rape convictions which makes a potential rapist much more likely to rape. Specialists say that if the rapes in prisons were recorded the number of rapes each year would double.
Now when I take a walk down the street of my beloved South Africa that has survived so much I have to watch my back for a mugger. If we keep our corrupt malicious government will a 1st world country be dumb enough to save us again? The answer is no they won’t. But team GhostShell will, we have noticed how much you are in need of a savior not afraid of the law who can access secure information and give it to you. Together with Anonymous’s #OpSAfrica team ghost shell will rid you of corruption, make all knowledge free and help South Africa out of crime, corruption and poverty. Together we can make a better South Africa for you.
We stand together
Divided by none
We are legion
We are team ghost shell and Anonymous together
We are a hackers ultimatum
We are active!

Operation statement

After two months of investigations, Team GhostShell has finally managed to fingerprint the entire top business infrastructure of South Africa, tracing some of its activities to other countries across the continent. As always, we will provide you with a glimpse of that world, so that everyone else can do their own research and draw their own conclusions from it. Although this time around, the goal was not to release a large portion of data, we will still provide you with enough non-disclosure accounts and records from a variety of businesses; corporations and governments.
The point of it is to find and see for yourselves the connections these entities have with one another, how they conduct themselves on the financial playing field but also economically speaking, how they actually do business world-wide. The data here ranges from government, banking, mining, petroleum, management, networking, transport services, construction, education/academics, other enterprises.
This project also ended up coinciding with one of our off-scene black operations regarding the oil industries in North Africa. Ties with the CIA have been made inside Angola and as such we’ll release a small teaser about it as well to promote this.
We are all ghosts living inside the shell.

Side notes

We’ve noticed that PasteSite has currently closed their services for new pastes, due to “resource usage rising higher than I can manage” which we know that’s bullshit. It would be quite embarrassing if we didn’t check our leaking platforms now and then to see if any significant changes have been made. Same thing happened to PrivatePaste last summer when we hit China, a DDoS attack followed on it for three days straight, then it got contacted by Wall Street after the IT leak and it went out of commission for over a month. Scaring the owners of these places will only make things worse. It would seem that even the gist from Github now requires an account to use the bin. Epic!
Just for the record, TGS uses these types of paste sites on purpose, because they’re easy to manage. Anyone can report bad content on them and they get removed after a couple of days, one week tops. But if you guys prefer, we can switch over to Chinese and Russian doxbins hosted on multiple networks with anti-ddos protection at any given time. It’ll also be a good opportunity for more shady characters to get their hands on the data as well. It’s your choice. For now, we’re saying goodbye to the old pastebins, you’ve all been great and welcoming the new batch for 2013.

Help Notes

If you’re from South Africa and you have a personal crisis, here are some places that might be of interest: http://www.southafrica.info/services/crisishelp.htm
South Africa Info provides information on various places that offer services for people in need, from helplines on diverse topics like rape, alcohol, drug addiction, mental health, depression, abuse among others. The National counseling line is 0861-322-322. National Aids helpline is 0800-012-322. The one for gender violence is 0800-150-150. Check the website for additional info as well as the name of the official websites that deal with such things.
Crimes can be reported and shared here: www.reportacrime.co.za
Some of these sites that we’ve researched are vulnerable to different types of cyber attacks so we went ahead and emailed them about it. Hopefully they will update.
For outside volunteers here’s a way on how you can contribute on the field: http://www.i-to-i.com/south-africa/
Also you can check out the African Medical and Research Foundation to learn more about the ongoing issues and problems that South Africa is currently facing: http://www.amref.org/
