The free content management system (CMS) used by the FBI on its official website was hacked by CyberZeist, who managed to gain access to more than 150 accounts including email addresses and encrypted codeof access.
CyberZeist breached it Plone CMS, used by the FBI, in late December, using a zero-day, discovered by someone else, and explains that there are still many other agencies and services which are vulnerable to attacks, such as the EU Agency for Network Information and Security and the Intellectual Property Rights Coordination Center.
After hacking of the FBI.gov website, CyberZeist discovered a dump of the database, which appears to include email addresses and SHA1 encrypted passwords.
The hacker reports that the site was hosted on a VM and this stopped him from getting root access, but anyway he was able to retrieve some server information. The FBI server was running 6.2's FreeBSD version 2007_RELEASE with custom settings as reported the hacker.
By violating FBI.GOV, it was clear that their webmaster had a very lazy attitude, as he had kept the backup files (.bck extensions) in the same folder as the site root (Thanks Webmaster!), But still I have not leaked all the contents of the backup files. "Instead I tweeted my findings and thought about waiting for the FBI response," CyberZeist said.
In addition, the hacker reported that zero-day exploit has already been sold via Tor, so it will not share more details until it is no longer available for purchase.
https://twitter.com/Amnesty_Schweiz/status/816680016507498497
Amnesty International, one of the organizations using the same CMS software, has already recognized vulnerability. The FBI has not posted any comments for this hack at this time.
CyberZeist, meanwhile, said the FBI was trying to fix the vulnerability on New Year's Eve, so it believes the CMS is now safe.
