Hackers from TeamGhostShell have initiated an operation called Project GhostShell. The first victim is the site of Forex Traders (fxtraders.eu), a company advertised as being a currency and money market, from which they leaked a large part of the database.
“Hello again, did you miss us world governments? We've made you guys a promise a while back, that, as long as hackers from all around the planet are getting arrested, we'll also appear, paying you all back ten-fold. Own us and we own you. Seems fair enough, don't you think?,” the hackers wrote.
They explain that Project GhostShell is meant as an operation against “the police, the informants, the snitches, the politicians, the stupid and the corrupt.”
“If you're gonna compromise one of us, regardless of religion, race, location and so on, then you WILL have to pay for it. 'Every action has a reaction'. But don't worry, it's not the only project we have to offer. You can expect more of them to pop-up in the near future. Or you can look forward to this one,” they explained.
The data dump is huge, but we’ll try to sum up all the information that has been made public by the hackers.
First, they revealed the server’s details, including physical location, host name, name servers and registrar details.
From the website’s database TeamGhostShell leaked the names of 172 tables, 515 forum usernames and email addresses, 208 user locations, 376 ICQ IDs, the hobbies and occupations of around 200 customers, and 482 MD5 password hashes.
The leak also contains 1908 administrator login IP addresses, 39 admin usernames, and a handful of their password hashes.
From a table called cur_forum_users they extracted more than 600 password hashes, 835 usernames, and 824 email addresses.
Finally, besides the 600 usernames and password hashes that seem to belong to individuals that enrolled in a competition sponsored by Forex Traders, the hackers also made available close to 50 private messages sent by the site’s customers.