Hackers claimed to have exploited a SQL Injection vulnerability in The Western Australian website and gained root access to the entire server. The breach allowed hackers to access all domains hosted in the server including website of Southern Computer Company.
“After that we get into SCC client base and f***around with their client computers which are running remote services on Windows machines; and some of these clients are AU Government. Thanks for the additional bots and all the #Data. We’d like to thank The Western Australian for the SQLi and InterVolve Cloud for a very vulnerable set of boxes.” The hackers said.
The group leaked 1,400+ usernames and passwords compromised from Loretto Telecom website and a link to the login page.
“We worked together quite quickly when we exploited and got root to this box. After we got axx we plundered all of the accounts for tens of thousands of digital monies ($), with these monies we purchased BTC and LTC and ordered lots of ** and pizzas to the FBI and DoJ like we normally do when we get lots of booty (YARR)” Hackers wrote next to the leaked data.
The group also claimed to have breached mound.net and gained access to accounts and “purchased tens of thousands of dollars worth of BTC and LTC. Many bank accounts were also completely penetrated and we still have access to these accounts.”