Anonymous to release 40GB cache from hacked ISP

Powered by SC Magazine
 

Victim said to be among Australia's largest telcos.

Updated: The hacker behind yesterday's defacements against Queensland Government websites will release a sample of a massive data cache allegedly stolen from one of Australia's largest internet service providers.

The hacker, claiming to be associated with Anonymous, told SC they would not release user details contained in the stolen data or name the victim telco.

But they said the telco was "one of Australia's largest".

The cache was said to be a 40Gb database backup and was accessed through an unpatched Adobe ColdFusion vulnerability.

The hacker said the unnamed telco later found and removed the remote shell they uploaded to the server and patched the vulnerability. 

A sample of the cache will be soon released via the hackers' Twitter account.

The data was stolen "to prove a lack of security at ISPs and telcos to properly protect the information" which would be stored under the Federal Government's data retention draft policies.

Yesterday, the same hackers operating under the banner of Anonymous defaced a string of Queensland Government websites in protest against the draft policies.

The hackers targeted the websites after Prime Minister Julia Gillard held an online video conference with the public through Google+, the search giant's social network.

Targeted websites included those linked to tourism, science and economic development. The text of of each defacement was removed shortly after the attacks.

Traffic filtering data was stolen reportedly through a local file inclusion vulnerability on the Queensland Department of State Development website and uploaded to the website ParAnoia, operated by the Anonymous research wing.

Defacements of Australian websites are a daily occurrence and are considered basic in information security circles.

The latest round is targeted as a protest against the proposed data retention poicy.

The Government has held talks with internet service providers for the past two years on the proposal, which would mandate providers to store up to two years' worth of a users' online historical data and provide easier access to social networks such as Twitter.

A public discussion paper released this month on the topic, also providing greater powers to the Government's spy agencies, brought the issue back in the spotlight.

Copyright © SC Magazine, Australia


Anonymous to release 40GB cache from hacked ISP
 
 
 
Top Stories
Photos: iTnews Benchmark Awards countdown begins
Just a few days left until entries close for 2014.
 
Australian Govt to rethink cyber security strategy
Six-year old policy to be refreshed.
 
The failure of the antivirus industry
[Blog post] Insights from AVAR 2014.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 1071

Vote