[BreachExchange] Hackers attempt to extort Polish Defence Ministry for $50,000 after stealing data

Audrey McNeil audrey at riskbasedsecurity.com
Fri Jul 15 15:14:57 EDT 2016


http://www.ibtimes.co.uk/hackers-attempt-extort-polish-defence-ministry-50000-after-stealing-data-1570861

A hacking group called 'Pravyy Sector' is attempting to extort the Polish
Defence Ministry for $50,000 (€45,000, £37,000) while threatening to
release a number of sensitive files stolen from its computer networks if no
payment is received.

The hacking group, which takes its name from the far-right Ukrainian
political party Pravy Sektor – or 'Right Sector' – claims to represent the
group; however, it has provided little evidence to back up these assertions.

The hackers have leaked documents in an attempt to prove their legitimacy.
These include scans of official government files and screenshots that
appear to show the desktop of a Defence Ministry computer. According to
Softpedia, the hackers also leaked an Excel spreadsheet containing 1,368
entries and logs from the department's intranet system.

In response, as reported by Sputnik, the Polish Defence Ministry has
claimed the leaked files were outdated and "no longer relevant". In a
statement, a spokesperson said: "In connection with the information on
hacking of the Defence Ministry's database, [we] clarify that it was a
manipulation to create the impression of a dangerous cyberattack."

Other sources have called the credibility of the leak into question,
including Polish security firm Niebezpiecznik, which has been covering the
story as it develops.

On 14 July, Pravyy Sector uploaded images to its Twitter account purporting
to show evidence of Poland's involvement with the US Prism programme –
first exposed by NSA contractor-turned-whistleblower Edward Snowden in
2013. However, according to Niebezpiecznik, the information had signs of
tampering. "The data from Prism look so crafted/false (sic)," it said.

The image, uploaded with the caption 'resume to Prism', shows the full
details of a Polish soldier. However, when contacted by journalist Lukasz
Woźnicki, the subject in the leak said the document was a form military
personnel must fill out when applying for service abroad, nothing to do
with a global spy programme. Additionally, the soldier confirmed the leaked
data – including passport details – was outdated.

This last warning and if the Polish Gov. dnt pay us $50k we will publish
all the logs in public within few hours

— Pravyy Sector (@pravsector) July 14, 2016

As previously reported, Pravyy Sector recently claimed responsibility for
stealing customer data including names, bank account numbers and personal
IDs from Netia, the second-largest telecoms operator in Poland. The
telecommunications firm confirmed on 7 July its website was targeted by
hackers, who reportedly exploited vulnerabilities in numerous web forms to
steal 14GB-worth of sensitive information.