Anonymous to release 40GB cache from hacked ISP

By

Victim said to be among Australia's largest telcos.

Updated: The hacker behind yesterday's defacements against Queensland Government websites will release a sample of a massive data cache allegedly stolen from one of Australia's largest internet service providers.

Anonymous to release 40GB cache from hacked ISP

The hacker, claiming to be associated with Anonymous, told SC they would not release user details contained in the stolen data or name the victim telco.

But they said the telco was "one of Australia's largest".

The cache was said to be a 40Gb database backup and was accessed through an unpatched Adobe ColdFusion vulnerability.

The hacker said the unnamed telco later found and removed the remote shell they uploaded to the server and patched the vulnerability. 

A sample of the cache will be soon released via the hackers' Twitter account.

The data was stolen "to prove a lack of security at ISPs and telcos to properly protect the information" which would be stored under the Federal Government's data retention draft policies.

Yesterday, the same hackers operating under the banner of Anonymous defaced a string of Queensland Government websites in protest against the draft policies.

The hackers targeted the websites after Prime Minister Julia Gillard held an online video conference with the public through Google+, the search giant's social network.

Targeted websites included those linked to tourism, science and economic development. The text of of each defacement was removed shortly after the attacks.

Traffic filtering data was stolen reportedly through a local file inclusion vulnerability on the Queensland Department of State Development website and uploaded to the website ParAnoia, operated by the Anonymous research wing.

Defacements of Australian websites are a daily occurrence and are considered basic in information security circles.

The latest round is targeted as a protest against the proposed data retention poicy.

The Government has held talks with internet service providers for the past two years on the proposal, which would mandate providers to store up to two years' worth of a users' online historical data and provide easier access to social networks such as Twitter.

A public discussion paper released this month on the topic, also providing greater powers to the Government's spy agencies, brought the issue back in the spotlight.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?