Hackers Target Al Arabiya, Leak Passwords After Exploiting Zimbra Vulnerability


Al Arabiya hacked by NullCrew

Hackers of the NullCrew collective are back. Their latest target is Al Arabiya, the famous Saudi-owned pan-Arab news organization, one of the largest in the Middle East.

NullCrew says it has teamed up with The Horsemen of Lulz for their operation against “the system.”

“Al Arabiya is the second largest news agency in the Middle East. Considering we’ve been targeting large media corporations? Well, it falls right into our range; So, without further ado. NullCrew and The Horsement Of Lulz persent to you? The candies,” the hackers wrote in a statement next to the data they leaked.

NullCrew and The Horsemen of Lulz claim to have exploited a vulnerability in email server and web client software Zimbra. As a result of the attack, usernames and passwords for the mail server have been leaked online.

Several @mbc.net email addresses have also been leaked, which indicates that the breached email server belongs to the Middle Easters Broadcasting Center, the company that owns Al Arabiya.

The hackers have told Softpedia that they’ve gained access to a lot of data, but it’s uncertain at this time whether they’ll leak more of it.

“Do we plan to release more? It all depends on how much use it holds to us, things of particular use can be used over, and over again. We treat certain data the same way we treat 0day. Why leak it when it can be used properly down the road?” one member of the NullCrew collective told us via direct message on Twitter.

More information might be leaked in the next phase of the operation, the hackers said.

As far as their motives are concerned, the hacktivists say their operation against the system isn’t limited to the “general part of the system.” Similar to previous targets, like Bell and Comcast, Al Arabiya is one of the leading organizations in its field.

We’ve reached out to Al Arabiya to see if they can comment on the hackers’ claims. This post will be updated when they respond to our inquiry.

NullCrew also leveraged a Zimbra vulnerability to breach Comcast back in February. At the time, they said they exploited a local file inclusion (LFI) in the mail server to gain access to usernames, passwords and other server information.

Comcast tried to downplay the seriousness of the breach, but as ZDNet’s Violet Blue highlighted at the time, the information leaked by the hacktivists could have easily been abused.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s