Your Source for Leaks Around the World!

InfoSec Certifier EC-Council Site Hacked: Defaced with Snowden Passport Photo, 1000s of Law/Military IT Officials’ Passports Obtained

In Archive, Hacking, Military, Snowden on February 24, 2014 at 7:30 AM



Megan Geuss/ArsTechnica/Steve Ragan/CSOonline/Rich McCormick/TheVerge:

The website for EC-Council, an “International Council of E-Commerce Consultants,” was defaced on Sunday evening. The hacker, who went by Eugene Belford (named for the “thieving evil computer genius” from the movie Hackers) also claimed to have found “thousands of passports belonging to LE [Law Enforcement] (and .mil) officials” in the process of breaking into the site.

Eugene Belford wrote on the EC-Council homepage, “Defaced again? Yep, good job reusing your passwords morons jack67834#”. With respect to the claim that passport and other information was stolen, the hacker posted a photo of Edward Snowden’s passport, along with an e-mail from him to the council from 2010. Below the passport photo is a letter signed by John Niescier, the Information Security Officer at the DSRJ, who certified that Snowden – a former NSA contractor responsible for what’s arguably the largest leak of classified documents in history – had at least five years of InfoSec experience.

EC-Council has long been an administrator of information security certification, and the organization’s training programs are sometimes used by employers to get employees up to speed on certain skills. Some of EC-Council’s certification programs include Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT).

On its Facebook page, EC-Council writes that it “has trained over 80,000 individuals and certified more than 30,000 security professionals from organizations such as the US Army, the FBI, Microsoft, IBM, and the United Nations.” The US Department of Defense has the EC-Council’s Certified Ethical Hacker qualification as a mandatory standard for its Computer Network Defense Service Providers.

However, since the organization’s founding in 2003, they have faced a wide variety of criticism from educators and security practitioners. The site’s hacker referred to an page that lists its grievances against the certifier.

Based on the e-mail screenshot posted to the organization’s homepage, security researcher Ashkan Soltani and Collin D. Anderson suggested on Twitter that the “attacker hijacked DNS and gained access to GApps through domain verification account reset.”

The IP address that is controlling the DNS for the domain was used earlier this month in an attack on a Flash-based game called Realm of the Mad God. In that attack, the game’s primary domain was being directed to a server that was pushing malware. [VirusTotal Report]

According to another Twitter post, that IP address has an interesting history:

  1. Każdy z nas zetknął się z faktem, doradzam zapoznanie się z punktem.


  2. Reblogged this on and commented:
    Lectura recomendada


  3. […] LeakSource 0 likesLeaks1000sCertifierDefacedECCouncilhackedInfoSecLaw/MilitaryObtainedofficialsPassportPassportsPhotositeSnowden […]


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: