EXCLUSIVE: Hacked ABC website likely breached by crooks in 2011
The ABC Website compromised by anonymous attackers overnight was likely already breached by cyber-criminals active on Russian forums as far back as 2011.
The user database of the Making Australia Happy television program was published overnight with the emails and hashed passwords of its 50,000 users dumped on paste websites.
The pastes were released under the tag "#OpWilders"; the breach ostensibly a revenge attack over the ABC's decision to air an interview with controversial anti-Muslim Dutch politician Geert Wilders, who visited Australia last week.
But strong circumstantial evidence has emerged that suggests the site had already been compromised by criminals. The first two password hashes in the compromised database appeared on a Russian cybercrime website, in sequence, in 2011.
Forum user "prevedma1" posted a thread in October 2011 titled "Need crack hashes" before pasting in two SHA1 hashes. The hashes are identical to the first two contained in the leaked user database. One of them corresponds to an ABC user account with moderator privileges.
You can see a screen capture here.
If this database was indeed obtained by cybercrooks back then it's likely it was used in phishing and malware campaigns. It is unclear why the supposed attacker was seeking to crack those hashes, but the ABC moderator account would have presumably afforded simple and privileged access to the site's content management system.
It's also possible the attacker was hoping the ABC admin account password was re-used elsewhere. Cracking it would be an excellent way to further propagate an attack deeper into the ABC network.
Opinion seems divided as to whether the latest hack, or "operation" in Anonspeak, was met with approval from the Anonymous community. An attack against a media organisation by a protest "brand" that supports free speech seems to run contrary to the anti-censorship ideals of the Anonymous movement.
Follow Patrick Gray on Twitter here.
Check out the Risky Business podcast here.
A global vulnerability analysis…8 hours 19 min ago
In some cases, yes!8 hours 21 min ago
Handy talk for CIOs and CSOs...8 hours 22 min ago
How far do decent crypto controls get us?8 hours 24 min ago
A call to action for infosec pros…8 hours 27 min ago
- Since you asked...
7 hours 8 min ago
- Love the Das Efx tribute.
11 weeks 18 hours ago
- LOL so no comment by Adobe's
12 weeks 2 days ago
- Welcome back, great stuff as
14 weeks 6 days ago
- AEDs are very accurate and
21 weeks 2 days ago
- I did see that after we
21 weeks 4 days ago
- Great podcast, a small
22 weeks 2 days ago
- Peck of pickled peppers? We
25 weeks 1 day ago
- Link to Sophail: Applied
27 weeks 6 days ago
- Fixed. I got autocorrected...
30 weeks 14 hours ago