The teen hacking group “Crackas With Attitude” (CWA), which hacked into the email account of CIA Director John Brennan last month, has struck again. This time, the group has breached federal systems and leaked a large amount of sensitive data.
Since last month’s attack, the hackers reportedly compromised the email account of FBI Deputy Director Mark Giuliana’s wife and then, more recently, got hold of the national Joint Automated Booking System (JABS), which holds data on all the arrests carried out by the FBI as well as records from the Internet Crime Complaint Center and the FBI’s Virtual Command Center.
Giuliana was targeted because he is the person assigned by the FBI to investigate the group. Cracka, one of the members of the hacking group, told Motherboard that they hacked into the email account of Giuliana’s wife, found Giuliana’s phone number and called him, to which he replied:
“I don’t know you, but you better watch your back.”
The hacker tweeted that Comcast and AOL had nothing to do with breaching the feds’ accounts. There are no links between the email account hack and the system hack. The two attacks are distinct and were carried out separately.
Why are media saying we jacked aol and a comcast account? Comcast and AOL was nothing to do with this..
— cracka (@phphax) November 5, 2015
The same people who obtained the CIA e-mails just breached the FBI servers,
— Anonymous (@YourAnonNews) November 8, 2015
Once they had control of the system, they leaked the personal details of 2400 government employees. Softpedia said in a post that the hackers claim to have over 34000 personal details, not only of government employees but also of military personnel. The details include full names, job titles, organizations, agencies, email addresses and phone numbers.
However, it is still unclear whether the hackers obtained these details through a hack or purchased them on the dark web.
The FBI has already started hunting for the hackers and is keen on a quick arrest of the group. FBI officials declined to comment on the charges the group will face, but they would certainly be related to “illegal activities in cyberspace.”
The group also claims to have gained access to the JABS system, which is available only to the FBI and law enforcement agencies, by exploiting a flaw in the system.
The JABS portal led them to the discovery of many other tools used by the FBI and law enforcement agencies, such as Enterprise File Transfer Service, Cyber Shield Alliance, DFS Test, eGuardian Training, IC3, IDEAFX, Intelink, Intelink IM, and Justice Enterprise File Sharing.
Furthermore, the system also provides access to Special Interest Group, Virtual Command Center, National Data Exchange, National Gang Intelligence Center, Repository for Individuals of Special Concern, RISSNET, ViCAP Web National Crime Database, Active Shooter Resources Page, Malware Investigator, Homeland Security Information Network, and eGuardian for any data they require, reports Network World.
Cracka, who was the first person to tweet a screenshot of the JABS portal, believes they had the information of everyone in the US.
A former FBI official said of the leaked records:
“All arrests and bookings no matter the sealing,” but some sealed records “will only have limited data.” “The records go in but after processing they can be removed if they are sensitive matters, or more likely there will be [a] flag when you run a name to contact a specific agency. Hackers might be removed if they are potentially cooperating witnesses or sources.” He added, “It takes some serious work or threats to get the records removed.”
JABS is mentioned online by the FBI, ATF, DOJ, U.S. Marshals and others. The hackers claim to have had access to “law enforcement’s Enterprise File Transfer Service, which the government describes as a web interface for securely sharing and transmitting files,” and provided a lengthy menu list of sensitive tools to which they allegedly had access.
The menu included Enterprise File Transfer Service, Cyber Shield Alliance, DFS Test, eGuardian Training, IC3, IDEAFX, Intelink, Intelink IM, and Justice Enterprise File Sharing. Additionally, the portal supposedly provides access to Special Interest Group, Virtual Command Center, National Data Exchange, National Gang Intelligence Center, Repository for Individuals of Special Concern, RISSNET, ViCAP Web National Crime Database, Active Shooter Resources Page, Malware Investigator, Homeland Security Information Network, and eGuardian.
One recent tweet from the hacker shows a document allegedly from the FBI database about activist and hacktivist Jeremy Hammond’s arrest.
Jeremy Hammond was sentenced to 10 years in federal prison while sabu got off scot-free for his cooperation. pic.twitter.com/FyiGiIQQLS
— Thwarting exploits (@IncursioSubter) November 8, 2015
This is very difficult for the US government to swallow: the system contains very sensitive data, and its breach by such a low-profile hacking group leaves a big question mark over the security practices followed by security professionals in the US.