April 9, 2016
On April 6, a hacking outfit going by the name of Cyber Justice Team leaked 10 GB of compressed data from multiple Syrian government and private websites.
The hackers uploaded the files on the MEGA file hosting service, which when decompressed yielded over 43 GB of data. The announcement was also accompanied by a PasteBin which included the password file from a breached Linux server belonging to the Syrian National Agency for Network Services, the country’s regulatory commission for IT services.
Analysts from Risk Based Security (RBS) analyzed the data dump, which they say contained 38,768 folders with 274,477 files from 55 different website domains, belonging to both national agencies and private companies.
Of the 55 domains, 25 were government websites (.gov.sy), two .org.sy domains, one .com.sy, and the rest were regular .sy domains.
“The first pass at reviewing the data sparked a sense of some more deja vu, as many of the files appeared to include domains from previous, smaller defacements and leaks,” RBS wrote in a blog post on Friday. “Further analysis confirmed our initial suspicions.”