The free content management system (CMS) that uses The FBI's official website was hacked by CyberZeist, who managed to gain access to more than 150 accounts including email addresses and encrypted passwords.
CyberZeist breached it Plone CMS, used by the FBI, in late December using a zero-day, discovered by someone else, and explains that there are still many other organizations and agencies that are vulnerable to attacks, όπως το EU Agency for Network Information and Security και το Intellectual Property Rights Coordination Center.
After hacking the FBI.gov site, CyberZeist discovered a dump of the database, which appears to include email addresses and SHA1 encrypted passwords.
Ο hacker he states that the site was hosted on a VM and this stopped him from gaining root access, but he was able to retrieve some server information anyway, The FBI server was running FreeBSD version 6.2_RELEASE of 2007 with custom settings as reported by hackers.
“With the FBI.GOV breach, it was clearly evident that their webmaster had a very lazy attitude as he had kept the backup files (.bck extensions) in the same folder as the site root (Thanks Webmaster!), but still I have not leaked all the contents of the backup files. Instead I tweeted my findings and thought I'd wait for the FBI's response,” CyberZeist reported.
In addition, the hacker reported that zero-day exploit has already been sold via Tor, so it will not share more details until it is no longer available for purchase.
https://twitter.com/Amnesty_Schweiz/status/816680016507498497
Amnesty International, one of the organizations using the same CMS software, has already recognized vulnerability. The FBI has not posted any comments for this hack at this time.
CyberZeist, meanwhile, said the FBI was trying to fix the vulnerability on New Year's Eve, so it believes the CMS is now safe.
