FBI.gov hit hard for the new year.

The infamous hacker CyberZeist (@CyberZeist2) is taking credit for the massive hit on fbi.gov on January 1st.  It appears that he managed to not only gain access to the site, but also deface and leak some email addresses along with their SHA1 hash and salts.

Clearly the FBI has already fixed the 0day that CyberZeist used to attack the website and restored the site, but this is just yet another embarrassing breach for the FBI.  Based on the information that he leaked, the FBI was working on the vulnerability while he exploited it simultaneously.  In addition to the emails that he leaked, he also left a bit of information that he was able to gather while inside, such as the fact that the site was running in a virtual machine, and that it was running FreeBSD.

Based on the information in the paste, the accounts were pulled out of some backup files that were left in the web root.

[snip]

it was clearly evident that their webmaster had a very lazy attitude as he/she had kept the backup files (.bck extension) on that same folder where the site root was placed (Thank you Webmaster!)

[/snip]

As a little side note, in the paste he also mentions that he has created a poll for his next target.  The choices are pretty interesting.

Sadly, however the results aren’t publicly available, and chances are I will demand a recount when they come out anyways.

Daniel is a freelance web developer and IT consultant with a passion for security and privacy. Although he isn't much of a writer, he enjoys writing blog posts that help out others in the community.

4 thoughts on “FBI.gov hit hard for the new year.

Leave a Reply

Your email address will not be published. Required fields are marked *