Hackers leak ‘FBI watchlist’, demand release of Russian spammer
Image credit: Dreamstime
A hacker group which has been leaking data allegedly stolen from federal websites has demanded the release of a notorious Russian spammer currently held in US custody.
At the end of last week, the hacker group calling itself ‘PokemonGo Team’ posted the personal information of thousands of federal agents and law enforcement officers, among other content taken from FBI-affiliated websites.
The three websites belonged to local chapters of the FBI National Academy Association (FBINAA): a non-profit organisation which supports training for US law enforcement personnel. The hackers were able to exploit security flaws in these websites and download the contents of their servers.
Spreadsheets containing approximately 4,000 unique personal records were uploaded online. The spreadsheets listed names, contact details and home addresses.
In a statement, the FBINAA said that it was working with federal authorities to investigate the initial attack and that its national database had been confirmed to be safe and secure. “The FBINAA takes every action to secure the safety and security of our members and their personal information. If it is determined that there has been felonious activity, we will prosecute the culprits to the fullest extent of the law,” the organisation said. The FBINAA said that it was possible that the hackers could have exploited third-party software used by all three of the chapters confirmed to have been affected.
One of the hackers, contacted by a TechCrunch reporter, claimed that they had hacked more than 1,000 sites and that they were in the process of structuring the stolen data to prepare it for sale. The hacker claimed to have acquired “over a million data” regarding employees of federal agencies and public services. They identified themselves as one among a group of more than 10 engaged in the effort.
The hacker said that they had used public exploits, meaning that it is highly likely that the targeted websites were outdated and vulnerable to attack.
Since the initial set of data was published, the PokemonGo Team has continued to dump data online for anyone to access. According to a report from Bleeping Computer, the hackers have now published the personal information of tens of thousands of members of the American Advertising Federation (AAF). The leak contains details of 22,013 people, including contact information. The hackers claim that the records represent “a list of people being watched by the FBI”. However, the data has been connected to a previous leak affecting AAF members.
The group’s Twitter account was suspended soon after posting download links for the data, although it remains accessible on the group’s website.
Before being banned from the platform, the hacking group stated on Twitter that it wants to see the release of Peter Levashov, a Russian virus creator and one of the most prominent spammers on the internet. Levashov was extradited to the US in 2018 and remains in custody, strongly suspected of running the infamous Kelihos botnet and others like it.