Team GhostShell published their “last project” Monday, “Project WhiteFox.” The hacking crew again used their signature method of announcing the large-scale hack, hijacking numerous Twitter profiles to link to their Pastebin page and notify tech blogs and writers who have covered them in the past.
On the page linking to data taken as part of Project WhiteFox, Team GhostShell explained some of their actions over the past year or so. They also revealed that “DeadMellox” was a ploy, writing that he “was a ghost to begin with.”
“We used the name afterwards to trackback all mentions of that name all over the place,” the hackers wrote, adding, “Well, the whole plan is a bit more complicated than that, part of a bigger story, but let’s leave it at that for now.”
The organizations hit by Project WhiteFox include The European Space Agency, NASA’s Center For Advanced Engineering, the Credit Union National Association (CUNA), a defense contractor for the Pentagon and Aquilent, an intelligence firm that states on its website that it makes “technology work for you.”
In a survey of some of the data Team GhostShell posted to various paste-up sites, Betabeat noted login information including emails and passwords as well as the texts of what appear to be internal communications.
Team GhostShell ended the long list of links to hacked data with a rundown of its ops from 2012. These included #ProjectDragonFly, which Team GhostShell termed “a real cyberwar upon China” in the name of freedom of speech and #ProjectWestWind, which famously hacked top-shelf educational institutions around the world to protest “school policies that had spiked tuition fees, outdated reforms and unprepared school faculty.”
While Project WhiteFox is supposedly the team’s final exploit for this year, Team GhostShell signed off with a hint they’d return, writing, “who knows, maybe we’ll see each other again next year.”
Hundreds of systems administrators and IT security staff around the world probably hope Team GhostShell is done for good.