60,000 Personal Credentials Leaked From Syrian Sites

K2Zl4_kT_400x400

Today a hacker from the European Cyber Army going by the handle @Zer0Pwn has announced a leak of data from two syrian based websites job.sy, realestate.sy.

The leak which is titled “ECA vs. Assad | Part 1” was posted to pastebin with a preview of some of the users data and a link to sendspace. The attack is apart of a bigger operation that is going on towards what the hackers are claim are pro-assad targets.

The data leak has resulted in over 60,000 Accounts being dumped online and between the two databases are users credentials which have encrypted passwords for job.sy but plaintext for realestate.sy. Both databases have full user details such as full names, contact phone numbers and home addresses. On the march 30th career-sy.com appears to of been breached and posted to pastebin as well with 3 administrator credentials as well as the vuln entry point and link for the control panel login which is located on the job.sy server which career-sy.com redirects to now.

Some attacks by other ECA members have been carried out and posted to twitter by @ECA_Legion with data being leaked from syrianmonster.com, a syrian hosting website, ddos attacks on sites like syria-courts.com, sana.sy and moj.gov.sy. banquecentrale.gov.sy. The leak of data from the realestate.sy database appears to have plaintext passwords to accounts linked to www.scs-net.org which is one of the job.sy official partners to making all three sites linked together or even owned and operated by the same people possibly.

Full dump info

http://realestate.sy/

File realestate.sy_users.sql
File Contents:  3,257 Emails that are unique out of 3,517 Total emails Found.
Information: Contains user names,email addresses, clear text passwords, full names, phone numbers, locations and site related information.

File realestate.sy.sql
File Contents: 4,912 Emails that are unique out of 13,223 Total emails Found.
Information: Complete internal messaging system, site logs and administrator login logs with ips and cookie information.

http://job.sy/

File job.sy_users.sql
File Contents: 50,017 Emails that are unique out of 52,483 Total emails Found. Included in the job.sy.sql file as well.
Information: Contains user names, encrypted MD5 passwords, email addresses, home addresses and contact numbers and full names as well as other site related information.

File job.sy.sql
File Contents: 59,575 Emails that are unique out of 84,343 Total emails Found.
Information: Contains logs with ip addresses and browser information, messages between job seekers and employees between, min resumes, job comments

syrianmonster.com
Only contains 1 administrator account with username and password.

http://career-sy.com/
3 administrator credentials with user names and encrypted passwords.