
Teamp0ison: Difference between revisions

From Wikipedia, the free encyclopedia
No edit summary
Taserbeat (talk | contribs)
m removed unnecessary language, primarily in "Activities in 2016" (seemed to have, appeared to have, etc) + some minor errors
Line 23: Line 23:


== Facebook ==
== Facebook ==
In January 2011, unauthorized status updates were posted on [[Mark Zuckerberg]] and French President [[Nicolas Sarkozy]]'s accounts on social-networking site [[Facebook]]. On January 25, a spokesperson for Facebook acknowledged the bug in their system and said it has been fixed. Later that week [[The Daily Beast]] reported that "''TriCk''", a member of TeaMp0isoN, along with members of a group known as "ZHC", said they had exploited a bug in the web site on previous New Year's Eve, allowing them to post unauthorized status updates and to block temporary newsfeeds to a list of 130 pages. A spokeswoman for one of the targeted groups, the [[English Defence League]], confirmed that they were targeted and their pages critical of [[Islam]] were indeed hacked. Members of Facebook's security team said after being contacted on the matter by The Daily Beast, they had found no evidence of malicious activity on their logs.<ref>{{Cite web|url=http://www.thedailybeast.com/articles/2011/01/27/the-mujahedeen-hackers-who-clean-facebook-and-the-facebook-privacy-breakthrough.html|title=The Mujahideen Hackers Who 'Clean Facebook'|last=Ries|first=Brian|date=2011-01-27|website=The Daily Beast|access-date=2016-05-03}}</ref>
In January 2011, unauthorized status updates were posted on [[Mark Zuckerberg]] and French President [[Nicolas Sarkozy]]'s accounts on social-networking site [[Facebook]]. On January 25, a spokesperson for Facebook acknowledged the bug in their system and said it has been fixed. Later that week [[The Daily Beast]] reported that "''TriCk''", a member of TeaMp0isoN, along with members of a group known as "ZHC", said they had exploited a bug in the web site on previous New Year's Eve, allowing them to post unauthorized status updates and to block temporary newsfeeds to a list of 130 pages. A spokeswoman for one of the targeted groups, the [[English Defence League]], confirmed that they were targeted and their pages critical of [[Islam]] were indeed hacked. Members of Facebook's security team said after being contacted on the matter by The Daily Beast, they had found no evidence of malicious activity on their logs.<ref>{{Cite web|url=http://www.thedailybeast.com/articles/2011/01/27/the-mujahedeen-hackers-who-clean-facebook-and-the-facebook-privacy-breakthrough.html|title=The Mujahideen Hackers Who 'Clean Facebook'|last=Ries|first=Brian|date=2011-01-27|website=The Daily Beast|access-date=2016-05-03}}</ref>


== Tony Blair address book leak ==
== Tony Blair address book leak ==
Line 37: Line 37:
On 8 August 2011, TeaMp0isoN released the hashed administrator passwords for a website hosted under [[NASA]] domain, after using a public vulnerability.<ref>{{Cite web|url=http://thehackernews.com/2011/08/teamp0ison-nasa-forum-is-vulnerable-sql.html|title=TeaMp0isoN : NASA forum is Vulnerable SQL injection, Admin Hacked !|last=Kumar|first=Mohit|date=2011-08-10|website=The Hacker News|access-date=2016-05-03}}</ref>
On 8 August 2011, TeaMp0isoN released the hashed administrator passwords for a website hosted under [[NASA]] domain, after using a public vulnerability.<ref>{{Cite web|url=http://thehackernews.com/2011/08/teamp0ison-nasa-forum-is-vulnerable-sql.html|title=TeaMp0isoN : NASA forum is Vulnerable SQL injection, Admin Hacked !|last=Kumar|first=Mohit|date=2011-08-10|website=The Hacker News|access-date=2016-05-03}}</ref>


In November 2011, TeaMp0isoN released a list of email addresses and passwords that were reportedly obtained via an SQL injection vulnerability in the United Kingdom's Ministry of Defence.<ref>{{Cite web|url=http://www.theregister.co.uk/2011/11/09/teamp0ison_publishes_stupid_password_list/|title=Foreign government emails HACKED says TeamP0ison|last=Chirgwin|first=Richard|date=2011-11-09|website=theregister.co.uk|access-date=2016-05-03}}</ref> The UK MoD is responsible for controlling the UK's defence policies, and is also the headquarters of the British Armed Forces.
In November 2011, TeaMp0isoN released a list of email addresses and passwords that were reportedly obtained via an SQL injection vulnerability in the United Kingdom's Ministry of Defence.<ref>{{Cite web|url=http://www.theregister.co.uk/2011/11/09/teamp0ison_publishes_stupid_password_list/|title=Foreign government emails HACKED says TeamP0ison|last=Chirgwin|first=Richard|date=2011-11-09|website=theregister.co.uk|access-date=2016-05-03}}</ref> The UK MoD is responsible for controlling the UK's defence policies and is also the headquarters of the British Armed Forces.


In April 2012, TeaMp0isoN targeted MI6 (UK Secret Intelligence Service), the group created a script that allowed them to repeatedly flood the anti-terrorism hotline with computer-generated calls, before calling up the hotline themselves in order to mock officers - the officers then warned them that they would be traced and reported to the FBI. TeaMp0isoN then reportedly wiretapped the MI6 agents, recording a conversation between officers and posting the leaked conversation on YouTube.<ref>{{cite web|url=http://news.softpedia.com/news/MI6-Call-Possibly-to-FBI-Leaked-by-TeaMp0isoN-264168.shtml|title=MI6 Call, Possibly to FBI, Leaked by TeaMp0isoN (Audio)|author=Eduard Kovacs|date=12 April 2012|work=softpedia}}</ref><ref>{{Cite web|url=http://www.techweekeurope.co.uk/news/teamp0ison-hacks-mi6-phones-72635|title=TeaMp0isoN Hacks MI6 Phones|last=Smolaks|first=Max|date=2012-04-12|website=TechWeekEurope UK|language=en-US|access-date=2016-05-03}}</ref>
In April 2012, TeaMp0isoN targeted MI6 (UK Secret Intelligence Service), the group created a script that allowed them to repeatedly flood the anti-terrorism hotline with computer-generated calls, before calling up the hotline themselves in order to mock officers - the officers then warned them that they would be traced and reported to the FBI. TeaMp0isoN then reportedly wiretapped the MI6 agents, recording a conversation between officers and posting the leaked conversation on YouTube.<ref>{{cite web|url=http://news.softpedia.com/news/MI6-Call-Possibly-to-FBI-Leaked-by-TeaMp0isoN-264168.shtml|title=MI6 Call, Possibly to FBI, Leaked by TeaMp0isoN (Audio)|author=Eduard Kovacs|date=12 April 2012|work=softpedia}}</ref><ref>{{Cite web|url=http://www.techweekeurope.co.uk/news/teamp0ison-hacks-mi6-phones-72635|title=TeaMp0isoN Hacks MI6 Phones|last=Smolaks|first=Max|date=2012-04-12|website=TechWeekEurope UK|language=en-US|access-date=2016-05-03}}</ref>
Line 73: Line 73:
In 2015, TeaMp0isoN returned and no longer appear to be committing any illegal activities. Posting from their official Twitter account, they have identified and disclosed vulnerabilities in [[Google]], [[Amazon.com|Amazon]], [[eBay]], Harvard University, [[NOAA]], [[Comcast]], Time Warner Cable, [[Western Union]], the [[United Nations]], the [[London Stock Exchange]], [[Autodesk]] and several other large systems. TeaMp0isoN has also released several zero-day exploits, including one that affected the memorial sites of Malcolm X and Marylin Monroe, and one that affected a commonly-used WordPress plugin used by a large number of websites. In addition to this, their website and forums have returned alongside their newly launched IRC network, and it appears they also have plans for a wargaming website allowing penetration testers to hone their skills within a legal and ethical environment.{{Citation needed|date=May 2016}}
In 2015, TeaMp0isoN returned and no longer appear to be committing any illegal activities. Posting from their official Twitter account, they have identified and disclosed vulnerabilities in [[Google]], [[Amazon.com|Amazon]], [[eBay]], Harvard University, [[NOAA]], [[Comcast]], Time Warner Cable, [[Western Union]], the [[United Nations]], the [[London Stock Exchange]], [[Autodesk]] and several other large systems. TeaMp0isoN has also released several zero-day exploits, including one that affected the memorial sites of Malcolm X and Marylin Monroe, and one that affected a commonly-used WordPress plugin used by a large number of websites. In addition to this, their website and forums have returned alongside their newly launched IRC network, and it appears they also have plans for a wargaming website allowing penetration testers to hone their skills within a legal and ethical environment.{{Citation needed|date=May 2016}}


In April 2015, TeaMp0isoN identified and disclosed vulnerabilities in many major universities including Harvard University, Stanford University, MIT, Princeton University, the University of Texas, the University of California and many more. The majority of the vulnerabilities found were via SQL injection flaws.<ref>{{Cite web|url=http://www.databreaches.net/teamp0ison-reveals-schools-vulnerabilities/|title=TeaMp0isoN reveals schools’ vulnerabilities|date=2015-04-12|website=www.databreaches.net|access-date=2016-05-03}}</ref> Also in this month, TeaMp0isoN identified a zero-day SQL Injection vulnerability, resulting in many sites being compromised - the most notable being the crime stoppers charters for Waterloo, Ontario, Peel and other Canadian cities and districts.<ref>{{Cite web|url=http://www.databreaches.net/heres-a-tip-for-some-crime-stoppers-in-canada-youve-been-hacked/|title=Here’s a tip for some Crime Stoppers in Canada: you’ve been hacked (UPDATED)|date=2015-04-12|website=www.databreaches.net|access-date=2016-05-03}}</ref>
In April 2015, TeaMp0isoN identified and disclosed vulnerabilities in many major universities including Harvard University, Stanford University, MIT, Princeton University, the University of Texas, the University of California and much more. The majority of the vulnerabilities found were via SQL injection flaws.<ref>{{Cite web|url=http://www.databreaches.net/teamp0ison-reveals-schools-vulnerabilities/|title=TeaMp0isoN reveals schools’ vulnerabilities|date=2015-04-12|website=www.databreaches.net|access-date=2016-05-03}}</ref> Also in this month, TeaMp0isoN identified a zero-day SQL Injection vulnerability, resulting in many sites being compromised - the most notable being the crime stoppers charters for Waterloo, Ontario, Peel and other Canadian cities and districts.<ref>{{Cite web|url=http://www.databreaches.net/heres-a-tip-for-some-crime-stoppers-in-canada-youve-been-hacked/|title=Here’s a tip for some Crime Stoppers in Canada: you’ve been hacked (UPDATED)|date=2015-04-12|website=www.databreaches.net|access-date=2016-05-03}}</ref>


In May 2015, TeaMp0isoN member 'KMS' targeted the ''[[Minecraft]]'' Pocket Edition Forum, seemingly infiltrating their database and leaking a list of over 16,000 usernames and passwords.<ref>{{Cite web|url=http://news.softpedia.com/news/Minecraft-Pocket-Edition-Forum-Hacked-Before-Going-Belly-Up-482320.shtml|title=Minecraft Pocket Edition Forum Hacked Before Going Belly Up|last=Ilascu|first=Ionut|date=2015-05-26|website=softpedia|access-date=2016-05-03}}</ref>
In May 2015, TeaMp0isoN member 'KMS' targeted the ''[[Minecraft]]'' Pocket Edition Forum, seemingly infiltrating their database and leaking a list of over 16,000 usernames and passwords.<ref>{{Cite web|url=http://news.softpedia.com/news/Minecraft-Pocket-Edition-Forum-Hacked-Before-Going-Belly-Up-482320.shtml|title=Minecraft Pocket Edition Forum Hacked Before Going Belly Up|last=Ilascu|first=Ionut|date=2015-05-26|website=softpedia|access-date=2016-05-03}}</ref>
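
Review bot: In the April 2015 paragraph, the revised line ends the list of universities with "and much more" where the previous revision had "and many more". Universities are countable, so the original wording was correct and should be restored.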
Line 79: Line 79:
== Activities in 2016 ==
== Activities in 2016 ==


It seems as if TeaMp0isoN is back with a new agenda. Due to their recent activity they seem to have come back as some sort of mix between a blackhat and a whitehat group. They have disclosed vulnerabilities in the [[United States Department of Education]], [[UCLA]], and various other institutions.
Recent activity indicated that they came back as a mix between a blackhat and a whitehat group. They disclosed vulnerabilities in the [[United States Department of Education]], [[UCLA]], and various other institutions.


In February/March 2016 the group appears to have been up to their old self again by breaching both a UN Agency and one of America's largest Internet Service Providers. During Mid-February TeaMp0isoN seems to have breached the United Nations [[World Tourism Organization]] and have defaced their forum index.<ref>{{Cite web|url=http://www.ibtimes.co.uk/un-tourism-website-breached-defaced-by-teampoison-hacking-collective-1545903|title=UN tourism website breached and defaced by 'TeamPoison' hacking collective|last=Murdock|first=Jason|date=2016-02-25|website=International Business Times UK|access-date=2016-05-03}}</ref> During Late-February TeaMp0isoN breached the [[Time Warner Cable]] Business Class Managed Security Services Portal. As indicated by their Twitter feed (since suspended) they seem to have gained access to both the backend ticket system as well as the details of 4191 users.<ref>{{Cite web|url=http://news.softpedia.com/news/teamp0ison-hacks-time-warner-cable-business-website-dumps-customer-data-501190.shtml|title=TeaMp0isoN Hacks Time Warner Cable Business Website, Dumps Customer Data|last=Cimpanu|first=Catalin|date=2016-03-01|website=softpedia|access-date=2016-05-03}}</ref>
In February/March 2016, the group breached both a UN Agency and one of America's largest Internet Service Providers. During mid-February, TeaMp0isoN breached the United Nations [[World Tourism Organization]] and defaced their forum index.<ref>{{Cite web|url=http://www.ibtimes.co.uk/un-tourism-website-breached-defaced-by-teampoison-hacking-collective-1545903|title=UN tourism website breached and defaced by 'TeamPoison' hacking collective|last=Murdock|first=Jason|date=2016-02-25|website=International Business Times UK|access-date=2016-05-03}}</ref> During late February, TeaMp0isoN breached the [[Time Warner Cable]] Business Class Managed Security Services Portal.Their (since suspended) Twitter feed indicated that they gained access to the backend ticket system as well as the details of 4191 users.<ref>{{Cite web|url=http://news.softpedia.com/news/teamp0ison-hacks-time-warner-cable-business-website-dumps-customer-data-501190.shtml|title=TeaMp0isoN Hacks Time Warner Cable Business Website, Dumps Customer Data|last=Cimpanu|first=Catalin|date=2016-03-01|website=softpedia|access-date=2016-05-03}}</ref>


== Links to ISIS ==
== Links to ISIS ==


TeaMp0isoN member TriCk is believed to be [[Junaid Hussain]], a black hat hacker who was arrested for [[doxing]] Tony Blair's personal information. He fled the UK while on police bail, and reportedly joined [[Islamic State of Iraq and the Levant|ISIL]].<ref name="recordedfuture">{{cite web|url=https://www.recordedfuture.com/cyber-caliphate-analysis/|title=Cyber Caliphate: ISIS Plays Offense on the Web|work=Recorded Future}}</ref><ref>{{cite web|url=http://www.dailymail.co.uk/news/article-2726522/British-hacker-masterminding-plan-teach-jihadists-steal-bank-accounts-rich-famous-fund-terror-campaign.html|title=Junaid Hussain 'masterminding plan to teach jihadists how to steal from bank accounts to fund terror campaign'|last=Corcoran|first=Kieran|date=2014-08-16|access-date=2016-05-03|work=Mail Online}}</ref> It is believed that Hussain became a prominent ISIL propagandist, using social media to recruit soldiers to join ISIL, and was behind several high-profile attacks under the group name "CyberCaliphate".<ref>{{cite web|url=http://www.ibtimes.com/junaid-hussain-cybercaliphate-leader-isis-member-was-behind-centcom-hack-report-says-1782870|title=Junaid Hussain: CyberCaliphate Leader And ISIS Member Was Behind CENTCOM Hack, Report Says|last=Halleck|first=Thomas|date=2015-01-14|access-date=2016-05-03|work=International Business Times}}</ref> Hussain is also believed to have links to [[Jihadi John]]. Hussain has also been suspected of cooperating with other ISIL members to unmask individuals who report to rebel media groups, and [[doxing]] US soldiers and their families.<ref>{{Cite web|url=http://www.infosecurity-magazine.com/news/isis-likely-behind-cyberattack/|title=ISIS Likely Behind Cyber-attack Unmasking Syrian Rebels|last=Seals|first=Tara|date=2014-12-20|website=Infosecurity Magazine|access-date=2016-05-03}}</ref>
TeaMp0isoN member TriCk is believed to be [[Junaid Hussain]], a black hat hacker who was arrested for [[doxing]] Tony Blair's personal information. He fled the UK while on police bail and reportedly joined [[Islamic State of Iraq and the Levant|ISIL]].<ref name="recordedfuture">{{cite web|url=https://www.recordedfuture.com/cyber-caliphate-analysis/|title=Cyber Caliphate: ISIS Plays Offense on the Web|work=Recorded Future}}</ref><ref>{{cite web|url=http://www.dailymail.co.uk/news/article-2726522/British-hacker-masterminding-plan-teach-jihadists-steal-bank-accounts-rich-famous-fund-terror-campaign.html|title=Junaid Hussain 'masterminding plan to teach jihadists how to steal from bank accounts to fund terror campaign'|last=Corcoran|first=Kieran|date=2014-08-16|access-date=2016-05-03|work=Mail Online}}</ref> It is believed that Hussain became a prominent ISIL propagandist, using social media to recruit soldiers to join ISIL, and was behind several high-profile attacks under the group name "CyberCaliphate".<ref>{{cite web|url=http://www.ibtimes.com/junaid-hussain-cybercaliphate-leader-isis-member-was-behind-centcom-hack-report-says-1782870|title=Junaid Hussain: CyberCaliphate Leader And ISIS Member Was Behind CENTCOM Hack, Report Says|last=Halleck|first=Thomas|date=2015-01-14|access-date=2016-05-03|work=International Business Times}}</ref> Hussain is also believed to have links to [[Jihadi John]]. Hussain has also been suspected of cooperating with other ISIL members to unmask individuals who report to rebel media groups, and [[doxing]] US soldiers and their families.<ref>{{Cite web|url=http://www.infosecurity-magazine.com/news/isis-likely-behind-cyberattack/|title=ISIS Likely Behind Cyber-attack Unmasking Syrian Rebels|last=Seals|first=Tara|date=2014-12-20|website=Infosecurity Magazine|access-date=2016-05-03}}</ref>


Hussain was a prominent target on the Pentagon's [[Disposition Matrix]] due to his influence overseas. On August 26, 2015, U.S. officials said they have a “high level of confidence” that Hussain was killed in a drone strike in Syria.<ref>{{Cite web|url=http://www.mirror.co.uk/news/world-news/junaid-hussain-dead-isis-computer-6326361|title=ISIS computer hacker Junaid Hussain has been killed in a US drone strike|last=Fricker|first=Martin|date=2015-08-26|website=mirror|access-date=2016-05-03}}</ref>
Hussain was a prominent target on the Pentagon's [[Disposition Matrix]] due to his influence overseas. On August 26, 2015, U.S. officials said they have a “high level of confidence” that Hussain was killed in a drone strike in Syria.<ref>{{Cite web|url=http://www.mirror.co.uk/news/world-news/junaid-hussain-dead-isis-computer-6326361|title=ISIS computer hacker Junaid Hussain has been killed in a US drone strike|last=Fricker|first=Martin|date=2015-08-26|website=mirror|access-date=2016-05-03}}</ref>
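
Review bot: The new first sentence of "Activities in 2016" opens with "they" after the sentence that named TeaMp0isoN was dropped, so the section no longer states its subject; name the group in that sentence. The revised February/March paragraph also reads "Portal.Their" with no space after the full stop, which needs a space before "Their".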

Revision as of 00:14, 31 May 2017

TeaMp0isoN
Formation: 2008
Type: Hacktivism
Membership: TriCk, MLT, iN^SaNe, hex00010 Zero KILLSWITCH[1][2][3][4][5]
Remarks: http://p0ison.org/

TeaMp0isoN was a computer security research group consisting of 3-5 core members. The group gained notoriety in 2011/2012 for their blackhat hacking activities, which included attacks on the United Nations, NASA, NATO, Facebook and several other large corporations and government entities.[7] TeaMp0isoN disbanded in 2012 following the arrests of three of their core members, 'TriCk' and MLT.[8]

English Defence League

TeaMp0isoN released several documents pertaining to the English Defence League, leaking information which included personal details of several high-ranking EDL members.[9] In addition to this, TeaMp0isoN went on to deface the official website of the English Defence League.[10]

Facebook

In January 2011, unauthorized status updates were posted on Mark Zuckerberg and French President Nicolas Sarkozy's accounts on the social-networking site Facebook. On January 25, a spokesperson for Facebook acknowledged the bug in their system and said it had been fixed. Later that week The Daily Beast reported that "TriCk", a member of TeaMp0isoN, along with members of a group known as "ZHC", said they had exploited a bug in the web site on the previous New Year's Eve, allowing them to post unauthorized status updates and to block temporary newsfeeds to a list of 130 pages. A spokeswoman for one of the targeted groups, the English Defence League, confirmed that they were targeted and their pages critical of Islam were indeed hacked. Members of Facebook's security team said, after being contacted on the matter by The Daily Beast, that they had found no evidence of malicious activity in their logs.[11]

Tony Blair address book leak

In June 2011, the group published what appeared to be the address book and other private data of former British Prime Minister Tony Blair on Pastebin. According to TeaMp0isoN, the data was obtained originally in December 2010. Tony Blair's spokesman said the data was not obtained from Blair directly, but from the personal email account of his former staff.[12] TeaMp0isoN responded to this, commenting "Blairs sheep are lying about how we got the info, we got into the webmail server via a private exploit & we wiped the logs so Good luck".[13]

BlackBerry

During the 2011 England riots, it was believed that the BlackBerry Messenger service was used by looters for collaboration. The group defaced the official BlackBerry blog as a response to Research In Motion (RIM), the maker of the BlackBerry, promising to co-operate with the United Kingdom police and government. TeaMp0isoN released a statement saying, "We are all for the rioters that are engaging in attacks on the police and government."[14]

Government Leaks

In July 2011, TeaMp0isoN released eight whitewashed Court Cases against Sarah Palin, claiming they had intentions to do the same with Barack Obama.[15][16]

On 8 August 2011, TeaMp0isoN released the hashed administrator passwords for a website hosted under a NASA domain, after using a public vulnerability.[17]

In November 2011, TeaMp0isoN released a list of email addresses and passwords that were reportedly obtained via an SQL injection vulnerability in the United Kingdom's Ministry of Defence.[18] The UK MoD is responsible for controlling the UK's defence policies and is also the headquarters of the British Armed Forces.

In April 2012, TeaMp0isoN targeted MI6 (UK Secret Intelligence Service). The group created a script that allowed them to repeatedly flood the anti-terrorism hotline with computer-generated calls, before calling up the hotline themselves in order to mock officers. The officers then warned them that they would be traced and reported to the FBI. TeaMp0isoN then reportedly wiretapped the MI6 agents, recording a conversation between officers and posting the leaked conversation on YouTube.[19][20]

On April 3, 2012, TeaMp0isoN gained access to a NATO server, before leaking data obtained from the server and defacing the index page of the site.[21][22]

Operation Censor This

TeaMp0isoN joined forces with well-known hacker collective Anonymous to announce OpCensorThis, an operation intended to protest against censorship - the operation received a lot of media attention and music artists such as Lyricist Jinn and Tabanacle created a music video in order to raise awareness for the operation.[23][24]

TeaMp0isoN then went on to deface several sites in support of OpCensorThis, the most notable being the United Nations Development Programme, and the well-known British newspaper, The Daily Mail.[25][26]

Operation Robin Hood

In response to the Occupy Movement, an online announcement claimed that TeaMp0isoN joined Anonymous to launch Operation Robin Hood, intending to hack into websites, obtain credit cards and make donations to activist organizations while the banks would have to refund the hacked accounts.[27][28] The video states: "Operation Robin Hood will take credit cards and donate to the 99% as well as various charities around the globe. The banks will be forced to reimburse the people their money back." while encouraging viewers to "move your accounts into secure credit unions,"[27] in an echo of the Bank Transfer Day movement.

As part of Operation Robin Hood, TeaMp0isoN leaked over 26,000 Israeli credit card details, obtained via vulnerabilities in Israeli banks, One and CityNet.[29]

TeaMp0isoN then went on to publish the credit card details and passport scans of well-known rapper Sean Combs (also known as P-Diddy). TeaMp0isoN then used his credit card to donate money to charity and to order pizza for those who requested via Twitter.[30] P-Diddy then launched an internal investigation to attempt to track down TeaMp0isoN, reportedly hiring a team of private detectives.[31]

Operation Retaliation

Following the arrest of founding TeaMp0isoN member TriCk, the group announced Operation Retaliation, which began with reported DDoS attacks against MI6 (https://www.sis.gov.uk/), before various other attacks took place, the most notable being Panasonic, The Australian Government, and the United Nations World Health Organisation.[32] In addition to this, Consternation Security and Doxbin were also reportedly hacked.[33][34]

United Nations

In November 2011, TeaMp0isoN released more than 128 usernames and login details, which they say were obtained from the United Nations Development Programme. According to a spokeswoman for the UNDP the data was extracted from "an old server which contains old data".[35] TeaMp0isoN then disputed this statement, releasing server logs and other evidence to suggest that the server was still in fact actively being used by the United Nations.[36]

In April 2012, TeaMp0isoN hacked the United Nations again, this time targeting their World Health Organisation and leaking a list of usernames and hashed passwords, including the administrator credentials.[37][38]

Possible arrests

On 10 April 2012, the group created a script to call the British Anti-Terrorism Hotline with hoax calls continuously for a 24-hour period to protest the extradition of terrorist suspects to the United States. On 12 April, police arrested two teenagers, 16 and 17, over the incident under suspicion of violating the Malicious Communications Act 1988 and the Computer Misuse Act.[39]

On 9 May 2012, alleged TeaMp0isoN member and spokesperson "MLT" was arrested by officers from Scotland Yard on suspicion of offences under the Computer Misuse Act, relating to the attacks on the Anti-Terrorist Hotline and other offences.[40]

Activities in 2015

In 2015, TeaMp0isoN returned and no longer appear to be committing any illegal activities. Posting from their official Twitter account, they have identified and disclosed vulnerabilities in Google, Amazon, eBay, Harvard University, NOAA, Comcast, Time Warner Cable, Western Union, the United Nations, the London Stock Exchange, Autodesk and several other large systems. TeaMp0isoN has also released several zero-day exploits, including one that affected the memorial sites of Malcolm X and Marilyn Monroe, and one that affected a commonly-used WordPress plugin used by a large number of websites. In addition to this, their website and forums have returned alongside their newly launched IRC network, and it appears they also have plans for a wargaming website allowing penetration testers to hone their skills within a legal and ethical environment.[citation needed]

In April 2015, TeaMp0isoN identified and disclosed vulnerabilities in many major universities including Harvard University, Stanford University, MIT, Princeton University, the University of Texas, the University of California and many more. The majority of the vulnerabilities found were via SQL injection flaws.[41] Also in this month, TeaMp0isoN identified a zero-day SQL Injection vulnerability, resulting in many sites being compromised - the most notable being the crime stoppers charters for Waterloo, Ontario, Peel and other Canadian cities and districts.[42]

In May 2015, TeaMp0isoN member 'KMS' targeted the Minecraft Pocket Edition Forum, seemingly infiltrating their database and leaking a list of over 16,000 usernames and passwords.[43]

Activities in 2016

Recent activity indicated that they came back as a mix between a blackhat and a whitehat group. They disclosed vulnerabilities in the United States Department of Education, UCLA, and various other institutions.

In February/March 2016, the group breached both a UN Agency and one of America's largest Internet Service Providers. During mid-February, TeaMp0isoN breached the United Nations World Tourism Organization and defaced their forum index.[44] During late February, TeaMp0isoN breached the Time Warner Cable Business Class Managed Security Services Portal. Their (since suspended) Twitter feed indicated that they gained access to the backend ticket system as well as the details of 4191 users.[45]

Links to ISIS

TeaMp0isoN member TriCk is believed to be Junaid Hussain, a black hat hacker who was arrested for doxing Tony Blair's personal information. He fled the UK while on police bail and reportedly joined ISIL.[46][47] It is believed that Hussain became a prominent ISIL propagandist, using social media to recruit soldiers to join ISIL, and was behind several high-profile attacks under the group name "CyberCaliphate".[48] Hussain is also believed to have links to Jihadi John. Hussain has also been suspected of cooperating with other ISIL members to unmask individuals who report to rebel media groups, and doxing US soldiers and their families.[49]

Hussain was a prominent target on the Pentagon's Disposition Matrix due to his influence overseas. On August 26, 2015, U.S. officials said they have a “high level of confidence” that Hussain was killed in a drone strike in Syria.[50]

References

  1. ^ "Alleged TeaMp0isoN teen hackers charged with jamming anti-terrorist hotline". Naked Security.
  2. ^ "MLT – Suspected member of TeamPoison hacking gang arrested - Naked Security". Naked Security.
  3. ^ Jana Winter, Jeremy A. Kaplan. "Exclusive: Rival Hacker Group Racing Police to Expose LulzSec". Fox News.
  4. ^ Eduard Kovacs (28 March 2014). "Man Involved in Hacktivist Campaign Against Israel Sentenced to 15 Months in Jail". softpedia.
  5. ^ http://bits.blogs.nytimes.com/2013/10/29/adobe-online-attack-was-bigger-than-previously-thought/?_r=0
  6. ^ "TeaMp0isoN Claims U.K. Anti-Terrorism Hotline Hack". infosecisland.com.
  7. ^ Eduard Kovacs (18 February 2012). "Hackers Around the World: It's No TriCk, He's Among the Best in the UK". softpedia. Retrieved 3 May 2016.
  8. ^ Smolaks, Max (13 April 2012). "Police arrest TeaMp0isoN suspects". TechWeekEurope UK. Retrieved 3 May 2016.
  9. ^ Usman, Muhammad (September 2011). "English Defence League (EDL) Hacked By TeaMp0isoN (Members Personal Information Leaked) ~ The Hackers Media™ [ THM ]". thehackersmedia.blogspot.co.uk. Retrieved 3 May 2016.
  10. ^ Leyden, John (11 February 2011). "English Defence League site pulled offline after defacement". theregister.co.uk. Retrieved 3 May 2016.
  11. ^ Ries, Brian (27 January 2011). "The Mujahideen Hackers Who 'Clean Facebook'". The Daily Beast. Retrieved 3 May 2016.
  12. ^ Chatterjee, Surojit (26 June 2011). "LulzSec sails into sunset as TeaMp0isoN terrorizes Internet". International Business Times. Retrieved 3 May 2016.
  13. ^ Neal, Dave (27 June 2011). "Tony Blair got hacked". TheINQUIRER. Retrieved 3 May 2016.
  14. ^ "England riots: Hackers hit Blackberry over police help". BBC News. 10 August 2011. Retrieved 3 May 2016.
  15. ^ Kumar, Mohit (21 July 2011). "8 Court Cases against Sarah Palin Leaked By TeaMp0isoN". The Hacker News. Retrieved 3 May 2016.
  16. ^ "Hackers leak details of cases vs Palin, hint Obama will be next". SOTT.net. 22 July 2011. Retrieved 3 May 2016.
  17. ^ Kumar, Mohit (10 August 2011). "TeaMp0isoN : NASA forum is Vulnerable SQL injection, Admin Hacked !". The Hacker News. Retrieved 3 May 2016.
  18. ^ Chirgwin, Richard (9 November 2011). "Foreign government emails HACKED says TeamP0ison". theregister.co.uk. Retrieved 3 May 2016.
  19. ^ Eduard Kovacs (12 April 2012). "MI6 Call, Possibly to FBI, Leaked by TeaMp0isoN (Audio)". softpedia.
  20. ^ Smolaks, Max (12 April 2012). "TeaMp0isoN Hacks MI6 Phones". TechWeekEurope UK. Retrieved 3 May 2016.
  21. ^ Eduard Kovacs (3 April 2012). "Site of NATO Croatia Hacked and Defaced by TeaMp0isoN". softpedia.
  22. ^ Amir, Waqas (4 April 2012). "Official NATO Croatia Website defaced by TeaMp0isoN". HackRead.
  23. ^ Eduard Kovacs (21 January 2013). "Rappers Tabanacle, Proverbz and LyricistJinn Release New Anthem for OpCensorThis". softpedia.
  24. ^ Despotovic, Nebojsa (9 August 2011). "Anonymous and Team Poison join forces for #OpCensorThis". Atraktor Studio. Archived from the original on 9 February 2012.
  25. ^ "Anonymous Press: Teamp0isoN #pwnd #UN #OpCensorThis". www.legionnet.lgnsec.nl.eu.org. 23 February 2012. Retrieved 3 May 2016.
  26. ^ "Home - Latest Cyberwar News - Cyberwarzone". Cyberwarzone. 6 February 2012. Archived from the original on 28 July 2013.
  27. ^ "Anonymous - #OpRobinHood". https://www.youtube.com/watch?v=njONcmb81r0
  28. ^ "'Operation Robin Hood': The hacker scheme to fund Occupy". theweek.com. 1 December 2011. Retrieved 3 May 2016.
  29. ^ Eduard Kovacs (2 February 2012). "TeaMp0isoN Leaks 26,000 Israeli Credit Cards from One and Citynet (Exclusive)". softpedia.
  30. ^ Eduard Kovacs (2 December 2011). "P-Diddy's Credit Card and Passport Details Leaked by TeaMp0isoN". softpedia.
  31. ^ Bychawski, Adam (12 October 2011). "P Diddy's credit card details stolen and posted online". NME.COM. Retrieved 3 May 2016.
  32. ^ Eduard Kovacs (4 May 2012). "Panasonic, United Nations and Australian Government Hacked by TeaMp0isoN". softpedia.
  33. ^ "Anonymous Press". eu.org.
  34. ^ Eduard Kovacs (16 April 2012). "TeaMp0isoN Confirm TriCk's Arrest, "Operation Retaliation" Starts (Updated)". softpedia.
  35. ^ "United Nations agency 'hacking attack' investigated - BBC News". BBC News. 29 November 2011. Retrieved 3 May 2016.
  36. ^ Eduard Kovacs (5 December 2011). "TeaMp0isoN Brings Solid Evidence to Prove UN Server Not 'Old'". softpedia.
  37. ^ Oswald, Ed (30 November 2011). "United Nations hacked! Passwords posted!". BetaNews. Retrieved 3 May 2016.
  38. ^ Latif, Salman (6 May 2012). "TeaMp0ison Hacks Sites Of Panasonic, World Health Organization And Australian Government". The Tech Journal. Retrieved 3 May 2016.
  39. ^ Kirk, Jeremy (12 April 2012). "UK Police Arrest Two Over Anti-Terrorist Hotline Prank Calls". CIO. Archived from the original on 13 April 2012. Retrieved 13 April 2012.
  40. ^ Cluley, Graham (11 May 2012). "MLT – Suspected member of TeamPoison hacking gang arrested". Naked Security. Retrieved 3 May 2016.
  41. ^ "TeaMp0isoN reveals schools' vulnerabilities". www.databreaches.net. 12 April 2015. Retrieved 3 May 2016.
  42. ^ "Here's a tip for some Crime Stoppers in Canada: you've been hacked (UPDATED)". www.databreaches.net. 12 April 2015. Retrieved 3 May 2016.
  43. ^ Ilascu, Ionut (26 May 2015). "Minecraft Pocket Edition Forum Hacked Before Going Belly Up". softpedia. Retrieved 3 May 2016.
  44. ^ Murdock, Jason (25 February 2016). "UN tourism website breached and defaced by 'TeamPoison' hacking collective". International Business Times UK. Retrieved 3 May 2016.
  45. ^ Cimpanu, Catalin (1 March 2016). "TeaMp0isoN Hacks Time Warner Cable Business Website, Dumps Customer Data". softpedia. Retrieved 3 May 2016.
  46. ^ "Cyber Caliphate: ISIS Plays Offense on the Web". Recorded Future.
  47. ^ Corcoran, Kieran (16 August 2014). "Junaid Hussain 'masterminding plan to teach jihadists how to steal from bank accounts to fund terror campaign'". Mail Online. Retrieved 3 May 2016.
  48. ^ Halleck, Thomas (14 January 2015). "Junaid Hussain: CyberCaliphate Leader And ISIS Member Was Behind CENTCOM Hack, Report Says". International Business Times. Retrieved 3 May 2016.
  49. ^ Seals, Tara (20 December 2014). "ISIS Likely Behind Cyber-attack Unmasking Syrian Rebels". Infosecurity Magazine. Retrieved 3 May 2016.
  50. ^ Fricker, Martin (26 August 2015). "ISIS computer hacker Junaid Hussain has been killed in a US drone strike". mirror. Retrieved 3 May 2016.