Update: Full report here
A British defence company has been breached and as a result a heap of documents have been published online and now the site has gone offline.
The attack is on britam defence (http://www.britamdefence.com/) and has been claimed by a hacker using the handle JAsIrX who uploaded the leaked information to various file sharing websites and released it via a single pastebin post with the a message about the release (see bottom).
The documents come in 6 parts and total over 423MB compress zip files and inside the compress files appears to be a common layout of three main folders named !!Syria, Iran and Iraq.
Inside these appear to be documents like passports, incident reports about drunk employees which are labelled private and confidential as well.
A quick look into the files shows shocking plans for chemical warfare attacks where they have planned to lure victims to kill zones. The file can be found in the Iran folder under OPLAN (Ruhayyat) 1433H-1.doc.
Move from their garrisons to occupy AA at Grid (1556) (IAW Movement Order).
On order defend in the designated sector from Grid (378477) to Grid (275408).
Facilitate the passage of the Screening Force through PP (1, 2).
Fix Enemy forces and lure them to the Killing Zones.
On order conduct Counter Attack.
Support Reserves when they conduct deep operations.
Full Gallery of documents in leak below:
At time of publishing the website appears to be offline with the plesk help page showing giving links to php and other test pages which leak information about the server which could lead to further attacks.
The leaked data also contains usernames and administration login credentials which appear to be stored in clear text which is a real big worry for a defence company.
Also as noted below the British defence company was using a Singapore based host for its server, its any wonder why such companys do this when its national security they handle.
Message from the release:
I’m JAsIrX and I will share with you some documents downloaded after hacking Britam Defence server.
Its website is located on the Malaysian server. I found bugs in the website with same ip and uploaded web-shell through this site.
Then I hacked plesk parallels control panel and gained access to Britam Defence mail accounts and website directory.
- Contracts copies with signatures
- Private email correspondence
- Personnel data, etc.
Britam Defence is British private military company, operates mainly in the Middle East. It killed Arabs in Iraq and plans to invade in Iran and Syria.
Look through leaked documents carefully. CW means chemical weapon, g-shell is short for a gas shell I guess.
Help to distribute this info and let other people know about the threats.
If i get more time i will release a report into the contents of this leak.
Update: Full report here