Today #opAustralia has set its flag on the AAPT domain. They succesfully hacked and leaked 40gb data on the internet. Later they succesfully published another leak containing credentials and SSL certificates.
The leaked file contains an .TXT file named business accounts and government accounts. The information in this file looks real.
The business file contains the following database rows. AgreementId, Accountname, IsMasterAccount, abn, acn, Employeecountid, SiterangeId and "Monthlyspend".
Looking trough the government account some names come up:
- Sydney National Office
- NSW Department of Information Technology & Management
- Embassy Of Switzerland
- Embassy Of Iran
- AUST CHAMBER OF COMMERCE
But one of the most interesting leak is the .AU-SSL-CERT certificate. This file is also in the leaked zip file. The certificates full name is:
app.aaptbusiness.com.au
There is an overview with user credentials in the sf_users file.
For more information read this article.
Tags:
