Brazilian Army Server Hacked More Than 7000 Accounts Leaked
Brazilian Army Server Hacked More Than 7000 Accounts Leaked

The source of the news have refused to be named but it is confirmed that more than 7000 Army identity leaked by hacked.

According to a source who declined to be named in frame, the servers of the Brazilian Army were hacked on Sunday morning November 8th and over 7000 military accounts were leaked on the internet.

The charge is that the Cyber ​​Defence Centre (CDCiber) the corporation were participating for the genre competitions times “Capture the Flag” (or “Capture the Flag”), in which the teams have to use hacking techniques to achieve a certain goals, which may involve defending a personal computer or break into a system made especially for the marathon.

Brazilian Army Server Hacked More Than 7000 Military Identity Leaked

According to the invaders, the Brazilian Army participated in the last major events of CTF and won challenges using a forbidden technique known as “WiFi re-authentication attack” (or simply WiFi deauth), eliminating other competitors from the local WiFi network and allowing only his own team could play.

The practice was first identified during Hackaflag PR, on 17 October, during the Roadsec of Curitiba, and in which an army major was the winner. The “cheating” has come to be repeated on a larger scale during the edition 2015 of Hackers 2 Hackers Conference (H2HC), which was organized between the 24th and 25th of last month in Sao Paulo capital. This generated numerous disagreements between participants from Brazilian and military hacker scene on social networks.

In retaliation, a group of anonymous hackers broke into numerous databases and multiple servers of the Brazilian Army, with access to over 7000 accounts in less than eight hours. All passwords, such as an unsubtle challenge to the military establishment, were published in this text document by Pastebin service. The “announcement” of the attack would have been done for the first time in a mailing list called Brazil Underground.

“We learned that the Brazilian Army has participated in games Capture The Flag and has been viewed as an elite team using its advanced death attacks on wireless networks,” said one of the attackers. “It is rather shameful security of the Brazilian Army, each system has critical vulnerabilities”, he adds. Even the domain controller was kidnapped by the team.

The provocations did not stop there. Hackers still guide us to do the “homework” using the thousands of CPFs leaked to discover the owners of each of the passwords and use in other systems the federal government. As a bonus, one of the back doors (security flaws) found by the team was released for anyone interested in testing it.

Also Read:

At the end of the document, the invades propose a public challenge to the Brazilian Army: Capture the Backdoor or CTB. In all there are 10 vulnerabilities, including a BIOS installed on the servers. “You can use attacks against infrastructure without suffering penalty,” the group said. And they warn: the deadline to find all these gaps is up to the Olympic Games 2016, scheduled to start on August 5.