Bang on time with the beginning of this year’s football event! An attacker seemingly sympathizing with various Anonymous operations gloats about hacking football related websites. He announced several hacks of this kind – his last post of leaked data: not older than two days.
The attacker was able to grab thousands of user data sets from various website databases and leaked the data on the Internet. User names, real names, e-mail addresses, phone numbers and passwords, sometimes even bank account information and more – everything publicly available for everyone and only seldom encrypted. According to the hacker, he was also able to retrieve several admin passwords with corresponding host addresses, which he published as well.
Even though the attacker stated “fun” as his main reason to attack the football-related websites earlier, the possible truth came to light yesterday: he published a message, stating that he performs the attacks because football clubs earn huge amounts of money while the economic crisis ruins middle-class people.
This form of digital protest is what we call “Hacktivism” and it is definitely not a trivial offense. G Data has warned against such attacks in the wake of the UEFA EURO 2012 in the G Data preview for 2012.
The victims, along with the unaware users, are several popular top football clubs from Germany, Italy, the Netherlands, Spain, Cyprus and Greece and one national football association in addition to a web presence very closely connected to the UEFA Euro 2012 and a private fan-blog community.
With respect for the victims, we do not yet release any further information about their identity. We are currently contacting the potential victims and are informing them about the matter, providing assistance and advice if needed.
Regarding the used vulnerability:
The information gathered until now leads us to the strong suspicion that the attacker used vulnerabilities to perform SQL injections and CRLF injections to retrieve user information.
What can be done with the data leaked?
The data available has a lot of potential for further fraudulent activities.
We’ll keep our eyes open and pursue the incident!