FBI Hacked! As shocking as it may sound, notorious black hat hacker, going by the name CyberZeist, has claimed to breached the FBI website for the second time and leaked personal account information of 155 FBI officials on a public site.
CyberZeist, also known as Le4ky, exploited a zero-day vulnerability in the Plone Content Management System (CMS) of the FBI’s website, on December 22, 2016. A zero-day fault is a vulnerability in the code that has not been detected, listed, or patched yet. Therefore, the FBI had zero days to respond to the attack. CyberZeist then went on to leak some of this exploited data on Pastebin, claiming “This leak is totally devoted to the Anonymous Movement.”
The Plone CMS is considered to be one of the most secure CMSes available today. It is used by many major websites like Google and Walmart, as well as major United States agencies including the FBI and the CIA. CyberZeist explains that the vulnerability that was exploited, was in the CMS’s various python modules.
CyberZeist was apparently “assigned to test out the 0day vulnerability on FBI and Amnesty website” by a vendor, and had not discovered the vulnerability on his own. The vendor was “too afraid” to test it on FBI himself, so CyberZeist went ahead and published the findings.
Interestingly, while media from other countries published information about the hack, none of the US based publishers did.
While CyberZeist was waiting for FBI to react, several sources were interested in obtaining the leaks, which were denied. CyberZeist then tweeted multiple screenshots as proof of his claims.
Go to the Next Page…