Category Archives: Hacktivism

Three Italian universities hacked by LulzSec_ITA collective

The popular Italian hacktivist collective LulzSec ITA claimed via Twitter to have hacked three Italian universities.

The popular Italian hacktivist collective LulzSec ITA has announced via Twitter the hack of three Italian universities, highlighting the importance of the cybersecurity for our society.

The hacktivists claim that once hacked the universities did not disclose the data breach and attempted to hide the incident, violating the European Privacy Law GDPR.

Below the translation of message published by the group.

"Dear student / teacher friends, after a few months today we decided to focus our attention on you too :)
We spent  searching holes in Italian universities (and not only, we remember that dozens of universities were hacked in 2011), to try to show you that security in the academic environment must be taken seriously since the university is the den of the excellent minds of our future.
If the concept of security does not start from our schools, how can we have a better ruling class than the current one?  Since our previous attacks did not bring any sense of shame on your part, we decided to let you taste another round, until you are able to admit how is ridiculous your security.
 Lulz!" 

I reached the group to have more information about their operation, they told me that the choice to attack the universities of Basilicata, Napoli and Rome3 was casual.

As for motivation, they confirmed to me they have always had an interest in Italian education. They explained that after 9 years since the first attacks against the universities, nothing has changed from the cyber security perspective.

Two weeks after the hack, one of the universities breached by the group, Uniparthenope, sent a data breach notification via email to the impacted students and teachers. LulzSec ITA told me that the notification attempted to downplay the incident, despite the hacktivists claim to have accessed data contained in 27 databases and compromised some portals used by the university.

The other two universities, “Università della Basilicata” and Roma3 have yet to notify their students about the incident.

How did LulzSec ITA hack the universities?

In the simplest way, the hackers used a classic and very simple SQL Injection attack. Such kind of attack could be automatically launched by using very simple tools. SQL Injection attacks can allow attackers to access the target database.

It is embarrassing that universities could be hacked with a so simple technique. The hacktivists told me also that in some cases, they were able to bypass login pages without knowing the username and password, just using simply using SQL Injection strings.

Pierluigi Paganini

(SecurityAffairs – LulzSec ITA, hacking)

The post Three Italian universities hacked by LulzSec_ITA collective appeared first on Security Affairs.

Turkish Hackers hit Greek Government websites and local stock exchange

Turkish hackers hijacked for more than 1 hour the official websites of the Greek parliament, some ministries, as well as the country’s stock exchange.

While eastern Libya ports controlled by commander Khalifa Haftar are shutting down oil exports, the group of Turkish hackers named Anka Neferler Tim claimed Friday to have hijacked for more than 90 minutes the official websites of the Greek parliament, the foreign affairs, and economy ministries, as well as the country’s stock exchange.

Turkish hackers

The group announced the attacks on their Facebook page, the hackers carried out the attack because “Greece is threatening Turkey in the Aegean Sea and in the eastern Mediterranean. And now it’s threatening the conference on Libya“.

The attacks were launched after Khalifa Haftar held talks in Athens, two days ahead of a peace conference in Berlin. Both Hatftar and the head of Tripoli’s UN-recognised government, Fayez al-Sarraj, are expected to attend the conference, while representatives of the Greek government have not been invited to the conference.

Greek Prime Minister Kyriakos Mitsotakis met with Haftar, the government of Athens encouraged Libyan military commander Khalifa Haftar to be constructive in Berlin.

“We encouraged the commander to take part with a constructive spirit in Berlin’s procedure and try to achieve a ceasefire and the restoration of safety in Libya,” Greek Foreign Minister Nikos Dendias told reporters after the meeting.

The Turkish government is providing military support for the government of Sarraj and plans to send its military troops to Libya to fight against Haftar’s army. 

The Berlin conference aims at establishing peace in Libya under the aegis of the United Nations. 

Pierluigi Paganini

(SecurityAffairs – Turkish hackers, hacking)

The post Turkish Hackers hit Greek Government websites and local stock exchange appeared first on Security Affairs.