Jump to content

UGNazi: Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous edit
Content deleted Content added
VisualWikitext
→‎External links: Remove unnecessary link (WP:ELNO)
→‎Arrests and sentencing: Calling for update; current narrative ends with plea, from 4-years ago.
 
(89 intermediate revisions by 21 users not shown)
Line 1: Line 1:
{{short description|Hacker group active in 2012}}
{{multiple issues|
{{COI|date=February 2019}}
{{Use mdy dates|date=June 2019}}
'''UGNazi''' ('''Underground Nazi Hacktivist Group''') is a [[hacker group]]. The group conducted a series of [[cyberattack]]s, including [[Social engineering (security)|social engineering]], [[data breach]], and [[denial-of-service attack]]s, on the websites of various organizations in 2012. Two members of UGNazi were arrested in June 2012; one was incarcerated.<ref name="Wired June 2012" /><ref name="Wired November 2012" /> In December 2018, two members of UGNazi were arrested in connection with a murder in [[Manila]].<ref name="BuzzFeed News" />
{{advert|date=February 2019}}
{{tense|date=February 2019}}
{{tone|date=February 2019}}
}}
[[File:Kawaii Hitler.jpg|thumb|right|alt=Kawaii Hitler|UGNazi's logo, [[Kawaii]] Hitler]]
'''UGNazi''' ('''Underground Nazi Hacktivist Group''') is a computer [[Hacker (computer security)|hacker]] group. The group is best known for their expertise of [[Social engineering (security)|social-engineering]] that stole thousands of passwords and credit card details from billing and customer support provider WHMCS.<ref>{{Cite web|url=https://thehackernews.com/2013/10/web-hosting-software-whmcs-vulnerable.html|title=Web Hosting Software WHMCS Vulnerable|last=Kumar|first=Mohit|date=|website=The Hacker News|archive-url=|archive-date=|dead-url=|access-date=}}</ref> The hacking group also had strong opposition to [[CISPA]] and [[SOPA]] and practice of [[Distributed denial of service attack|Distributed Denial of Service]] (or DDoS) attacks against United States government websites.


==List of attacks==
== Attacks ==
In January 2012, UGNazi defaced the website of [[Ultimate Fighting Championship]] in response to the UFC's support of the [[Stop Online Piracy Act]].<ref>{{cite web|date=January 24, 2012|title=The UFC finally issues a statement about UGNazi, the group that hacked UFC.com|url=http://middleeasy.com/index.php?option=com_content&view=article&id=7002%3Athe-ufc-finally-issues-a-statement-about-ugnazi-the-group-that-hacked-ufccom&catid=34%3Aorganizations&Itemid=106|website=MiddleEasy|access-date=May 20, 2012}}</ref> On April 24, 2012, UGNazi performed [[distributed denial-of-service attack]]s on the websites of the [[Central Intelligence Agency]] and the [[Department of Justice]] in protest of the [[Cyber Intelligence Sharing and Protection Act]].<ref>{{cite web|first1=Eduard|last1=Kovacs|access-date=February 6, 2019|title=UGNazi Hackers Launch DDOS Attacks on CIA, DOJ Sites to Protest CISPA|date=Apr 24, 2012|url=https://news.softpedia.com/news/UGNazi-Hackers-Launch-DDOS-Attack-on-CIA-DOJ-Site-to-Protest-CISPA-266033.shtml|website=[[Softpedia News]]}}</ref>
===WHMCS database leak===
In May 2012, UGNazi is responsible for hacking the [[web server]] of the [[Web hosting service|web host]] billing software developer WHMCS in an apparent [[Social engineering (security)|social engineering attack]].<ref name="softpedia2012">{{cite web|url=http://news.softpedia.com/news/UGNazi-Leaks-1-7-GB-of-Data-from-WHMCS-Servers-270914.shtml|title=UGNazi Leaks 1.7 GB of Data from WHMCS Servers|date=|publisher=News.softpedia.com|accessdate=August 20, 2014}}</ref> A member of the group called WHMCS' hosting provider impersonating a senior employee.<ref name="forbes2012">{{cite news|url=https://www.forbes.com/sites/andygreenberg/2012/05/22/hackers-impersonate-web-billing-firms-staff-to-spill-500000-users-passwords-and-credit-cards/|title=Hackers Impersonate Web Billing Firm's Staff To Spill 500,000 Users' Passwords And Credit Cards|last=Greenberg|first=Andy|date=May 22, 2012|work=Forbes}}</ref> They were subsequently granted [[Superuser|root access]] to WHMCS' web server after providing information for identity verification. UGNazi later leaked publicly WHMCS' [[SQL]] database, website files, and [[cPanel]] configuration.<ref>http://paste.re/409.html</ref> The leaked database contains about 500,000 stored credit card numbers.<ref name="softpedia2012" /> <ref name="forbes2012" /><ref>{{cite web|url=https://www.theregister.co.uk/2012/05/22/whmcs_breach/|title=Titsup WHMCS calls the Feds after credit-card megaleak|last=Leyden|first=John|date=May 22, 2012|accessdate=August 18, 2014}}</ref>


In May 2012, after compromising a database belonging to the [[Washington Military Department]], UGNazi leaked sensitive [[Domain Name System|DNS]] information used by the US state of [[Washington (state)|Washington]]. They also leaked the account details of about 16 users, consisting of usernames and password hashes, including those of the website's administrator.<ref>{{cite web|url=http://news.softpedia.com/news/UGNazi-Hackers-Leak-Data-from-Washington-Military-Department-269244.shtml|date=May 14, 2012|title=UGNazi Hackers Leak Data from Washington Military Department|last=Kovacs|first=Eduard|website=[[Softpedia News]]|access-date=May 20, 2012}}</ref> UGNazi performed a [[Social engineering (security)|social engineering attack]] on [[Web hosting service|web host]] billing software developer WHMCS.<ref name="softpedia2012">{{cite web|url=http://news.softpedia.com/news/UGNazi-Leaks-1-7-GB-of-Data-from-WHMCS-Servers-270914.shtml|title=UGNazi Leaks 1.7 GB of Data from WHMCS Servers|website=[[Softpedia News]]|date=May 22, 2012 |access-date=August 20, 2014}}</ref> A member of the group called WHMCS' hosting provider, impersonating a senior employee.<ref name="forbes2012">{{cite news|url=https://www.forbes.com/sites/andygreenberg/2012/05/22/hackers-impersonate-web-billing-firms-staff-to-spill-500000-users-passwords-and-credit-cards/|title=Hackers Impersonate Web Billing Firm's Staff To Spill 500,000 Users' Passwords And Credit Cards|last=Greenberg|first=Andy|date=May 22, 2012|work=[[Forbes]]|access-date=June 19, 2019}}</ref> They gained [[Superuser|root access]] to WHMCS's web server and leaked WHMCS's [[SQL]] database, website files, and [[cPanel]] configuration. The leaked database contained about 500,000 stored credit card numbers.<ref name="softpedia2012" /><ref name="forbes2012" /><ref>{{cite web|url=https://www.theregister.co.uk/2012/05/22/whmcs_breach/|title=Titsup WHMCS calls the Feds after credit-card megaleak|last=Leyden|first=John|date=May 22, 2012|access-date=August 18, 2014|website=[[The Register]]}}</ref><ref>{{Cite web|url=https://news.softpedia.com/news/UGNazi-Leaks-1-7-GB-of-Data-from-WHMCS-Servers-270914.shtml|title=UGNazi Leaks 1.7 GB of Data from WHMCS Servers|date=May 22, 2012|last=Kovacs|first=Edward|website=[[Softpedia News]]|access-date=September 16, 2018}}</ref>
UGNazi member Next claimed that the group targeted WHMCS in response to their tolerance for fraudulent websites' licensed use of their software.<ref name="forbes2012" /> Days later, Cosmo released a statement claiming that WHMCS was attacked to demonstrate the vulnerability of their customers' credit card numbers, which were stored on a web server managed by [[HostGator]].<ref>{{Cite web|url=https://news.softpedia.com/news/UGNazi-Leaks-1-7-GB-of-Data-from-WHMCS-Servers-270914.shtml|title=UGNazi Leaks 1.7 GB of Data from WHMCS Servers|last=Kovacs|first=Edward|date=|website=Softpedia News|archive-url=|archive-date=|dead-url=|access-date=16 September 2018}}</ref>


On June 4, 2012, UGNazi targeted [[4chan]] with a [[DNS hijacking]] attack through a vulnerability in [[Cloudflare]]'s use of [[Google]]'s [[two-factor authentication]] system, redirecting visitors to UGNazi's [[Twitter]] account.<ref>{{cite news|last1=Kumar|first1=Mohit|title=UGNazi hackers attack on CloudFlare via a flaw in Google|url=https://thehackernews.com/2012/06/ugnazi-hackers-attack-on-cloudflare-via.html|access-date=February 2, 2017|date=June 4, 2012|website=The Hacker News}}</ref> UGNazi attacked the non-profit organization [[Wounded Warrior Project]] and released the Project's database on June 6, 2012.<ref>{{cite web|first=Eduard|last=Kovacs|date=Jun 1, 2012|url=http://news.softpedia.com/news/UGNazi-Attacks-Wounded-Warrior-Project-to-Spite-The-Jester-273163.shtml |title=UGNazi Attacks Wounded Warrior Project to Spite The Jester |website=[[Softpedia News]] |access-date=August 20, 2014}}</ref> In June of 2012, the leader of UGNazi stole the information of over 411,000 credit cards and compromised over 47 companies and government organizations estimating to be around $205 million.<ref>{{Cite web |last=Greenberg |first=Andy |title=Hackers Impersonate Web Billing Firm's Staff To Spill 500,000 Users' Passwords And Credit Cards |url=https://www.forbes.com/sites/andygreenberg/2012/05/22/hackers-impersonate-web-billing-firms-staff-to-spill-500000-users-passwords-and-credit-cards/ |access-date=2023-01-09 |website=Forbes |language=en}}</ref> On June 8, 2012, UGNazi hacked the website of [[Wawa Inc]] and defaced their webpage.<ref>{{cite web|first=Robert|last=Moran|access-date=June 19, 2019|date=June 8, 2012|title=In hack, Wawa web turns Kawaii Hitler|url=https://www.inquirer.com/philly/news/breaking/20120608_Hackers_hit_Wawa_website.html|website=[[The Philadelphia Inquirer]]}}</ref> On June 21, 2012, UGNazi claimed they took popular social media website [[Twitter]] down for two hours via a denial of service attack.<ref>{{Cite news|last=Pepitone|first=Julianne|title=Twitter crashes hard, Internet freaks out|date=June 21, 2012|newspaper=[[CNN]]|url=https://money.cnn.com/2012/06/21/technology/twitter-down/index.htm|archive-url=https://web.archive.org/web/20120623062429/http://money.cnn.com/2012/06/21/technology/twitter-down/index.htm|archive-date=June 23, 2012|url-status=live}}</ref> [[Sam Biddle]] of [[Gizmodo]] disputed the veracity of the claim.<ref>{{cite web|author=Biddle, Sam|date=November 30, 2012|title=The Final Words of a 15-Year-Old Hacker Banned from the Internet|website=[[Gizmodo]]|url=https://gizmodo.com/5963952/the-final-words-of-a-15-year-old-hacker-banned-from-the-internet|archive-url=https://web.archive.org/web/20140615185233/http://gizmodo.com/5963952/the-final-words-of-a-15-year-old-hacker-banned-from-the-internet|archive-date=June 15, 2014|url-status=live}}</ref>
===Washington Military Department leaks===
After compromising a database belonging to the [[Washington Military Department]], UGNazi leaked sensitive [[Domain Name System|DNS]] information used by the US state of [[Washington (state)|Washington]]. They also leaked the account details of about 16 users, consisting of usernames and password hashes, including those of the website's administrator.
"This is just a continuation of our attack against wa.gov, but other than that, like we said we're not done with the government or anyone to be exact. We're going to come after every dirtbag we can get our hands on. Freedom is a right not a privilege but the US government makes it seems like it's a privilege that we have the 'freedom'," a group member told [[Softpedia]].<ref>{{cite web|url=http://news.softpedia.com/news/UGNazi-Hackers-Leak-Data-from-Washington-Military-Department-269244.shtml|title=UGNazi Hackers Leak Data from Washington Military Department|last=Kovacs|first=Eduard|publisher=Softpedia|accessdate=May 20, 2012}}</ref>
===UFC.com and fighter Dana White===
UGNazi leader, [[Josh The God]] hacked the website [[UFC]].com leaking the website's database, financial and personal information of [[Dana White]] in response for the UFC's support of SOPA. They attacked the Gamer's League Live website and [[Ultimate Fighting Championship]]'s website in protest of the UFC's support for the [[Stop Online Piracy Act]] (SOPA), proposed by the United States at the time.<ref>{{cite web|title=The UFC finally issues a statement about UGNazi, the group that hacked UFC.com|url=http://middleeasy.com/index.php?option=com_content&view=article&id=7002%3Athe-ufc-finally-issues-a-statement-about-ugnazi-the-group-that-hacked-ufccom&catid=34%3Aorganizations&Itemid=106|publisher=MiddleEasy|accessdate=May 20, 2012}}</ref> They later hacked [[Coach, Inc.|Coach]]'s website for the same reason.<ref>{{cite web|author=Keith Dsouza |url=http://techie-buzz.com/tech-news/coach-ufc-coachfactory-hacked-ugnazi.html |title=Coach.com Hacked, Coachfactory.com Hacked to Protest SOPA by UGNazi Group |publisher=Techie-buzz.com |date=January 24, 2012 |accessdate=August 20, 2014}}</ref>


UGNazi hacked into the Twitter accounts of [[Shirley Phelps-Roper]] on December 17, 2012, and Fred Phelps Jr. on December 19, 2012, in opposition to the [[Westboro Baptist Church]]'s planned protest following the [[Sandy Hook Elementary School shootings]].<ref>{{cite web|first1=Sam|last1=Biddle|access-date=February 6, 2019|date=December 17, 2012|title=Hackers Take Over Westboro Baptist Church Twitter (Updated)|url=https://gizmodo.com/hackers-take-over-westboro-baptist-church-twitter-upda-5969006|website=[[Gizmodo]]}}</ref><ref>{{cite web|first1=Sam|last1=Biddle|access-date=February 6, 2019|date=December 19, 2012|title=UGNazi Hackers Seize Another Westboro Baptist Church Hate Account|url=https://gizmodo.com/ugnazi-hackers-seize-another-westboro-baptist-church-ha-5969965|website=[[Gizmodo]]}}</ref>
===CIA===
Softpedia published an article about the attack on the CIA.<ref>[http://news.softpedia.com/news/UGNazi-Hackers-Launch-DDOS-Attack-on-CIA-DOJ-Site-to-Protest-CISPA-266033.shtml]</ref> Hackers of UGNazi are launching attacks on the sites of the CIA and the one of the Department of Justice (DOJ).


In January 2021, [[Parler]] CEO [[John Matze]] alleged to [[Fox News]] that UGNazi was actively working to facilitate targeted harassment of himself and his family following the [[Parler#Shutdown by service providers|temporary take-down of Parler]], a far-right social network implicated in the [[2021 storming of the United States Capitol]].<ref>{{cite news |last1=Flood |first1=Brian |title=Parler CEO blasts AOC, elected officials who called to ban his app |url=https://www.foxnews.com/media/parler-ceo-blasts-aoc-elected-officials-who-called-to-ban-his-app-i-think-its-sick |access-date=18 January 2021 |work=Fox News |date=12 January 2021}}</ref>
===4chan===
In June 2012, UGNazi targeted the well-known imageboard [[4chan]].<ref>{{cite web|author=|url=https://twitter.com/CosmoTheGod/status/208656791708508160 |title=Twitter / CosmoTheGod: We have gained full access |publisher=Twitter.com |date=June 1, 2012 |accessdate=August 20, 2014}}</ref> They are reported to have hacked [[CloudFlare]]'s database. The attacks on 4chan were short, lasting about 20 minutes. During that 20 minutes anyone trying to access 4chan would be redirected to UGNazi's Twitter page.<ref>{{cite news|last1=Kumar|first1=Mohit|title=UGNazi hackers attack on CloudFlare via a flaw in Google|url=https://thehackernews.com/2012/06/ugnazi-hackers-attack-on-cloudflare-via.html|accessdate=2 February 2017|date=4 June 2012}}</ref>


== Arrests and sentencing ==
===Wounded Warrior Project===
{{update|section|date = August 2024}}
In June 2012, UGNazi attacked the non-profit organization [[Wounded Warrior Project]]. The Project's database was released on June 6, 2012.<ref>{{cite web|url=http://news.softpedia.com/news/UGNazi-Attacks-Wounded-Warrior-Project-to-Spite-The-Jester-273163.shtml |title=UGNazi Attacks Wounded Warrior Project to Spite The Jester |publisher=News.softpedia.com |date= |accessdate=August 20, 2014}}</ref><ref>{{cite web|author=|url=https://twitter.com/UG/status/208625109311819776 |title=Twitter / UG: @th3j35t3r http://t.co/BfEx9nz4 |publisher=Twitter.com |date=June 1, 2012 |accessdate=August 20, 2014}}</ref>
Mir Islam ("Josh the God") and Eric Taylor ("Cosmo the God") of UGNazi were arrested on June 26, 2012 as a result of Operation Card Shop, a [[Federal Bureau of Investigation]] investigation into [[identity theft]] and [[Carding (fraud)|credit card fraud]]. Islam was apprehended in [[Manhattan]] after he attempted to withdraw money using a stolen ATM card.<ref name="Wired June 2012">{{Cite news|last=Zetter|first=Kim|title=Feds Arrest 24 in Global Carding Ring Bust|url=https://www.wired.com/threatlevel/2012/06/operation-card-shop/|access-date=July 8, 2012|url-status=live|newspaper=[[Wired (magazine)|Wired]]|date=June 26, 2012|agency=[[Condé Nast Publications]]|archive-url=https://web.archive.org/web/20120703113415/http://www.wired.com/threatlevel/2012/06/operation-card-shop/|archive-date=July 3, 2012}}</ref> On November 7, 2012, Taylor was sentenced in juvenile court in [[Long Beach, California]]. Taylor pleaded guilty to multiple felonies, including credit card fraud, identity theft, [[bomb threat]]s, and online impersonation, in exchange for a probation. The terms of the plea placed him on probation until his 21st birthday, restricted his internet access, and required him to forfeit seized assets.<ref name="Wired November 2012">{{cite magazine|last=Honan|first=Mat|title=Teenage Hacker 'Cosmo the God' Sentenced by California Court|url=https://www.wired.com/gadgetlab/2012/11/hacker-cosmo-the-god-sentenced-by-california-court/|magazine=[[Wired (magazine)|Wired]]|date=November 9, 2012|access-date=June 19, 2019}}</ref><ref>{{Cite web|url=https://www.cnbc.com/2018/04/27/eric-taylor-aka-cosmo-the-god-on-cyber.html|title=A former hacker reveals what he's learned about cybersecurity|last=Day|first=Andrea|date=April 27, 2018|website=CNBC|access-date=June 19, 2019}}</ref><ref>{{cite news|first1=Mat|last1=Honan|access-date=February 6, 2019|title=Cosmo, the Hacker 'God' Who Fell to Earth|url=https://www.wired.com/2012/09/cosmo-the-god-who-fell-to-earth/|newspaper=[[Wired (magazine)|Wired]]|date=September 11, 2012|issn=1059-1028}}</ref>


On December 24, 2018, members Troy Woody ("Osama the God") and Islam were arrested in [[Manila]] on [[murder]] charges related to the death of Tomi Masters, Woody's girlfriend.<ref name="BuzzFeed News">{{cite web|access-date=February 6, 2019|title="Down The Rabbit Hole I Go": How A Young Woman Followed Two Hackers' Lies To Her Death|url=https://www.buzzfeednews.com/article/josephbernstein/tomi-masters-down-the-rabbit-hole-i-go|website=[[BuzzFeed News]]|first1=Joseph|last1=Bernstein|first2=Davey|last2=Alba|author-link2=Davey Alba|date=February 5, 2019}}</ref><ref>{{cite news|first1=Victoria|last1=Bekiempis|access-date=June 19, 2019|date=December 28, 2018|title=The Dark Tale of a Bitcoin Trader, a Swatter, and a Dead Woman|url=https://www.thedailybeast.com/bitcoin-trader-troy-woody-and-pal-mir-islam-charged-in-philippines-murder|website=[[The Daily Beast]]}}</ref><ref>{{cite web|access-date=June 19, 2019|date=December 28, 2018|title=2 Behind Bars In Murder Of American Woman In Philippines|url=http://www.news9.com/story/39705058/2-behind-bars-in-murder-of-american-woman-in-philippines|publisher=[[CBS News]]|via=[[KWTV-DT|News 9]]}}</ref> Woody and Islam dumped a box containing Masters's body in the [[Pasig River]].<ref name="BuzzFeed News" /> Both members of UGNazi confirmed that they handled the box, but individually denied killing Masters.<ref name="BuzzFeed News" /> Woody and Islam pleaded not guilty to the charges on February 11, 2019, and the trial was scheduled for March 13.<ref>{{cite web|access-date=June 19, 2019|title=The American Hackers Accused Of Murdering A Young Woman In The Philippines Pleaded Not Guilty|url=https://www.buzzfeednews.com/article/josephbernstein/tomi-masters-murder-plead-not-guilty|website=[[BuzzFeed News]]|first1=Joseph|last1=Bernstein|first2=Davey|last2=Alba|date=February 11, 2019}}</ref>
===Wawa===
On June 8, 2012, UGNazi hacked the website of [[Wawa Inc.|Wawa]], a chain of [[convenience stores]]. They defaced the webpage, and have made statements that they have remote access to all of Wawa's gas station terminals. UGNazi has said that the reason for hacking Wawa was to lower gas prices. The Wawa website has since been secured.<ref>{{cite web|author=|url=https://twitter.com/UG/status/211220216074616833 |title=Twitter / UG: #UGNazi Wawa Hacked!, Gas |publisher=Twitter.com |date=June 8, 2012 |accessdate=August 20, 2014}}</ref><ref>{{cite web|url=http://www.courierpostonline.com/article/20120608/NEWS01/120608009/Wawa-s-website-hacked |title=Wawa's website hacked &#124; Courier-Post |publisher=courierpostonline.com |date=June 8, 2012 |accessdate=August 20, 2014}}</ref><ref>{{cite web|url=http://digg.com/news/world_news/ugnazi_claims_to_hacked_defaced_and_be_in_control_of_wawa_servers |archive-url=https://archive.is/20130121191416/http://digg.com/news/world_news/ugnazi_claims_to_hacked_defaced_and_be_in_control_of_wawa_servers |dead-url=yes |archive-date=January 21, 2013 |accessdate=June 9, 2012 }}</ref><ref>{{cite web|url=http://www.philly.com/philly/news/20120608_Hackers_hit_Wawa_website.html |title=In hack, Wawa web turns Kawaii Hitler |publisher=Philly.com |date=June 10, 2012 |accessdate=August 20, 2014}}</ref>

===Twitter===
On June 21, 2012, UGNazi claimed they took popular social media website [[Twitter]] down via a [[denial of service]] attack. Twitter was down for two hours, and this was the worst crash the site had faced in eight months.<ref>{{Cite news|last=Pepitone|first=Julianne|title=Twitter crashes hard, Internet freaks out|date=June 21, 2012|newspaper=CNN|url=http://money.cnn.com/2012/06/21/technology/twitter-down/index.htm|archiveurl=https://web.archive.org/web/20120623062429/http://money.cnn.com/2012/06/21/technology/twitter-down/index.htm|archivedate=June 23, 2012|deadurl=no}}</ref> However, "It's doubtful they wrestled down Twitter — it was probably just a bug," said blogger Sam Biddle.<ref>{{cite web|author=Biddle, Sam|date=November 30, 2012|title=The Final Words of a 15-Year-Old Hacker Banned from the Internet|publisher=Gizmodo|url=https://gizmodo.com/5963952/the-final-words-of-a-15-year-old-hacker-banned-from-the-internet|archiveurl=https://web.archive.org/web/20140615185233/http://gizmodo.com/5963952/the-final-words-of-a-15-year-old-hacker-banned-from-the-internet|archivedate=June 15, 2014|deadurl=no}}</ref>

===Westboro Baptist Church===
UGNazi hacked into the Twitter accounts of [[Shirley Phelps-Roper]] on December 17, 2012, and Fred Phelps Jr. on December 19, 2012, in protest of their [[Westboro Baptist Church]]'s planned protest following the [[Sandy Hook Elementary School shootings]]. Phelps-Roper's account displayed a tribute called 'Pray For Newtown', lending support to those affected by the tragedy. As of the 20th of the same month, Phelps-Roper's account has been returned to her control, whereas Phelps' is listed as having been suspended.{{citation needed|date=August 2014}}

==Law enforcement response==
Mir Islam, allegedly UGNazi member JoshTheGod, was arrested on June 26, 2012 in [[Manhattan]] as part of [[Operation Card Shop]], a [[Federal Bureau of Investigation]] investigation into [[identity theft]] and [[Carding (fraud)|credit card fraud]], after allegedly attempting to withdraw money using a stolen ATM card.<ref>{{Cite news|last=Zetter|first=Kim|title=Feds Arrest 24 in Global Carding Ring Bust|url=https://www.wired.com/threatlevel/2012/06/operation-card-shop/|accessdate=July 8, 2012|deadurl=no|newspaper=[[Wired (magazine)|Wired]]|date=June 26, 2012|agency=[[Condé Nast Publications]]|archiveurl=https://www.webcitation.org/690e1ifvl?url=http://www.wired.com/threatlevel/2012/06/operation-card-shop/|archivedate=July 8, 2012}}</ref>

Cosmo, another alleged UGNazi member, was also arrested on June 26, 2012 in [[Long Beach, California]] as part of Operation Card Shop. The FBI's press release regarding Operation Card Shop<ref>[https://www.fbi.gov/newyork/press-releases/2012/manhattan-u.s.-attorney-and-fbi-assistant-director-in-charge-announce-24-arrests-in-eight-countries-as-part-of-international-cyber-crime-takedown]</ref> states, "In addition, two minors, whose names will not be made public, were arrested by local authorities in Long Beach and Sacramento, California". Two days later, Cosmo was released<ref>[http://www.ibtimes.co.uk/articles/361374/20120710/ugnazi-cosmo-jester-hacker-anonymous-whmcs.htm]</ref> from a [[Youth detention center|juvenile detention center]] in [[Los Angeles]] and posted on Twitter,<ref>[https://twitter.com/CosmoTheGod/status/218255934068244481]</ref> which was Cosmo's final tweet for the next two years.
<ref>{{cite web|url=https://www.fbi.gov/newyork/press-releases/2012/manhattan-u.s.-attorney-and-fbi-assistant-director-in-charge-announce-24-arrests-in-eight-countries-as-part-of-international-cyber-crime-takedown |title=FBI — Manhattan U.S. Attorney and FBI Assistant Director in Charge Announce 24 Arrests in Eight Countries as Part of International Cyber Crime Takedown |publisher=Fbi.gov |date=June 26, 2012 |accessdate=August 20, 2014}}</ref><ref>{{cite web|author=|url=https://twitter.com/CosmoTheGod/status/218255934068244481 |title=Twitter / CosmoTheGod: Me and Josh were arrested early |publisher=Twitter.com |date=June 28, 2012 |accessdate=August 20, 2014}}</ref>

As of January 10, 2014, UGNazi has announced a return on Twitter which was retweeted by Cosmo.<ref>[https://twitter.com/UG/status/421789859926118400], Accessed September 12th,2014.</ref>

==Sentencing==
On November 7, 2012, the 15-year-old UGNazi hacker known as Cosmo or Cosmo the God was sentenced in juvenile court in Long Beach, California. Cosmo pleaded guilty to multiple felonies in exchange for a probation, encompassing all the charges brought against him, which included charges based on credit card fraud, identity theft, bomb threats, and online impersonation, the terms of the plea place him on probation until his 21st birthday. During that time, he cannot use the Internet without prior consent from his parole officer. Nor will he be allowed to use the Internet in an unsupervised manner, or for any purposes other than education-related ones. He is required to hand over all of his account logins and passwords. He must disclose in writing any devices that he has access to that have the capability to connect to a network. He is prohibited from having contact with any members or associates of UGNazi or Anonymous (although Anonymous has no official members), along with a specified list of other individuals. He had to forfeit all the computers and other items seized in the raid on his home. Violating any of these terms will result in a three-year prison term.<ref>{{cite news|last=Honan|first=Mat|title=Teenage Hacker ‘Cosmo the God’ Sentenced by California Court|url=https://www.wired.com/gadgetlab/2012/11/hacker-cosmo-the-god-sentenced-by-california-court/|work=Wired|date=November 9, 2012}}</ref>

==Final status==
Regardless of the loss of Cosmo, the group continued to claim responsibility for hacks in December 2012 of the U.S. State Department and [[General Services Administration]]<ref>{{cite web|title=UGNazi Claims Hacking US Government Websites Including State Department|date=December 12, 2012|publisher=VARA Cyber Security|url=http://varacyber.com/Cyber-Threat-News/ugnazi-claims-hacking-us-government-websites-including-state-department.html|archiveurl=https://web.archive.org/web/20140615181503/http://varacyber.com/Cyber-Threat-News/ugnazi-claims-hacking-us-government-websites-including-state-department.html|archivedate=June 15, 2014|deadurl=no}}</ref> and of Panasonic Brasil.<ref>{{cite web|title=UGNazi Claims Hacking of Panasonic’s Brazilian Website|date=December 12, 2012|publisher=VARA Cyber Security|url=http://varacyber.com/Cyber-Threat-News/ugnazi-claims-hacking-of-panasonic-s-brazilian-website.html|deadurl=yes|archiveurl=https://archive.is/20140615184443/http://varacyber.com/Cyber-Threat-News/ugnazi-claims-hacking-of-panasonic-s-brazilian-website.html|archivedate=June 15, 2014|df=}}</ref> However, they were not heard from until an August 2014 [[doxing]] of several prominent people (albeit thinly) related to the #OpFerguson protests concerning the [[shooting of Michael Brown]] in Ferguson, Missouri.<ref>http://demondoxbin.in/</ref>


==References==
==References==
{{Reflist|30em}}
{{Reflist|30em}}

== Further reading ==
{{refbegin}}
*{{Cite web|url=https://www.cnbc.com/2018/04/27/eric-taylor-aka-cosmo-the-god-on-cyber.html|title=A former hacker reveals what he’s learned about cybersecurity|last=Day|first=Andrea|date=|website=CNBC|archive-url=|archive-date=|dead-url=|access-date=}}
*{{cite web|accessdate=2019-02-06|title="Down The Rabbit Hole I Go": How A Young Woman Followed Two Hackers' Lies To Her Death|url=https://www.buzzfeednews.com/article/josephbernstein/tomi-masters-down-the-rabbit-hole-i-go|website=BuzzFeed News|first1=Joseph|last1=Bernstein|first2=Davey|last2=Alba|date=February 5, 2019}}
{{refend}}


==External links==
==External links==
*{{Official website|http://ugnazi.com}}
*{{Official website|http://ugnazi.com}}
*[https://www.wired.com/gadgetlab/2012/09/cosmo-the-god-who-fell-to-earth/all/ wired.com]
*[http://news.softpedia.com/news/UGNazi-Hackers-Launch-DDOS-Attack-on-CIA-DOJ-Site-to-Protest-CISPA-266033.shtml DDoS Attack on the CIA]


{{Hacking in the 2010s}}
{{Hacking in the 2010s}}


[[Category:Hacker groups]]
[[Category:Hacker groups]]
[[Category:Organizations established in 2011]]
[[Category:People associated with computer security]]
[[Category:Carding (fraud)]]
[[Category:Carding (fraud)]]
[[Category:Criminal organizations]]

Latest revision as of 04:15, 27 August 2024

UGNazi (Underground Nazi Hacktivist Group) is a hacker group. The group conducted a series of cyberattacks, including social engineering, data breach, and denial-of-service attacks, on the websites of various organizations in 2012. Two members of UGNazi were arrested in June 2012; one was incarcerated.[1][2] In December 2018, two members of UGNazi were arrested in connection with a murder in Manila.[3]

Attacks

[edit]

In January 2012, UGNazi defaced the website of Ultimate Fighting Championship in response to the UFC's support of the Stop Online Piracy Act.[4] On April 24, 2012, UGNazi performed distributed denial-of-service attacks on the websites of the Central Intelligence Agency and the Department of Justice in protest of the Cyber Intelligence Sharing and Protection Act.[5]

In May 2012, after compromising a database belonging to the Washington Military Department, UGNazi leaked sensitive DNS information used by the US state of Washington. They also leaked the account details of about 16 users, consisting of usernames and password hashes, including those of the website's administrator.[6] UGNazi performed a social engineering attack on web host billing software developer WHMCS.[7] A member of the group called WHMCS' hosting provider, impersonating a senior employee.[8] They gained root access to WHMCS's web server and leaked WHMCS's SQL database, website files, and cPanel configuration. The leaked database contained about 500,000 stored credit card numbers.[7][8][9][10]

On June 4, 2012, UGNazi targeted 4chan with a DNS hijacking attack through a vulnerability in Cloudflare's use of Google's two-factor authentication system, redirecting visitors to UGNazi's Twitter account.[11] UGNazi attacked the non-profit organization Wounded Warrior Project and released the Project's database on June 6, 2012.[12] In June of 2012, the leader of UGNazi stole the information of over 411,000 credit cards and compromised over 47 companies and government organizations estimating to be around $205 million.[13] On June 8, 2012, UGNazi hacked the website of Wawa Inc and defaced their webpage.[14] On June 21, 2012, UGNazi claimed they took popular social media website Twitter down for two hours via a denial of service attack.[15] Sam Biddle of Gizmodo disputed the veracity of the claim.[16]

UGNazi hacked into the Twitter accounts of Shirley Phelps-Roper on December 17, 2012, and Fred Phelps Jr. on December 19, 2012, in opposition to the Westboro Baptist Church's planned protest following the Sandy Hook Elementary School shootings.[17][18]

In January 2021, Parler CEO John Matze alleged to Fox News that UGNazi was actively working to facilitate targeted harassment of himself and his family following the temporary take-down of Parler, a far-right social network implicated in the 2021 storming of the United States Capitol.[19]

Arrests and sentencing

[edit]

Mir Islam ("Josh the God") and Eric Taylor ("Cosmo the God") of UGNazi were arrested on June 26, 2012 as a result of Operation Card Shop, a Federal Bureau of Investigation investigation into identity theft and credit card fraud. Islam was apprehended in Manhattan after he attempted to withdraw money using a stolen ATM card.[1] On November 7, 2012, Taylor was sentenced in juvenile court in Long Beach, California. Taylor pleaded guilty to multiple felonies, including credit card fraud, identity theft, bomb threats, and online impersonation, in exchange for a probation. The terms of the plea placed him on probation until his 21st birthday, restricted his internet access, and required him to forfeit seized assets.[2][20][21]

On December 24, 2018, members Troy Woody ("Osama the God") and Islam were arrested in Manila on murder charges related to the death of Tomi Masters, Woody's girlfriend.[3][22][23] Woody and Islam dumped a box containing Masters's body in the Pasig River.[3] Both members of UGNazi confirmed that they handled the box, but individually denied killing Masters.[3] Woody and Islam pleaded not guilty to the charges on February 11, 2019, and the trial was scheduled for March 13.[24]

References

[edit]
  1. ^ a b Zetter, Kim (June 26, 2012). "Feds Arrest 24 in Global Carding Ring Bust". Wired. Condé Nast Publications. Archived from the original on July 3, 2012. Retrieved July 8, 2012.
  2. ^ a b Honan, Mat (November 9, 2012). "Teenage Hacker 'Cosmo the God' Sentenced by California Court". Wired. Retrieved June 19, 2019.
  3. ^ a b c d Bernstein, Joseph; Alba, Davey (February 5, 2019). ""Down The Rabbit Hole I Go": How A Young Woman Followed Two Hackers' Lies To Her Death". BuzzFeed News. Retrieved February 6, 2019.
  4. ^ "The UFC finally issues a statement about UGNazi, the group that hacked UFC.com". MiddleEasy. January 24, 2012. Retrieved May 20, 2012.
  5. ^ Kovacs, Eduard (April 24, 2012). "UGNazi Hackers Launch DDOS Attacks on CIA, DOJ Sites to Protest CISPA". Softpedia News. Retrieved February 6, 2019.
  6. ^ Kovacs, Eduard (May 14, 2012). "UGNazi Hackers Leak Data from Washington Military Department". Softpedia News. Retrieved May 20, 2012.
  7. ^ a b "UGNazi Leaks 1.7 GB of Data from WHMCS Servers". Softpedia News. May 22, 2012. Retrieved August 20, 2014.
  8. ^ a b Greenberg, Andy (May 22, 2012). "Hackers Impersonate Web Billing Firm's Staff To Spill 500,000 Users' Passwords And Credit Cards". Forbes. Retrieved June 19, 2019.
  9. ^ Leyden, John (May 22, 2012). "Titsup WHMCS calls the Feds after credit-card megaleak". The Register. Retrieved August 18, 2014.
  10. ^ Kovacs, Edward (May 22, 2012). "UGNazi Leaks 1.7 GB of Data from WHMCS Servers". Softpedia News. Retrieved September 16, 2018.
  11. ^ Kumar, Mohit (June 4, 2012). "UGNazi hackers attack on CloudFlare via a flaw in Google". The Hacker News. Retrieved February 2, 2017.
  12. ^ Kovacs, Eduard (June 1, 2012). "UGNazi Attacks Wounded Warrior Project to Spite The Jester". Softpedia News. Retrieved August 20, 2014.
  13. ^ Greenberg, Andy. "Hackers Impersonate Web Billing Firm's Staff To Spill 500,000 Users' Passwords And Credit Cards". Forbes. Retrieved January 9, 2023.
  14. ^ Moran, Robert (June 8, 2012). "In hack, Wawa web turns Kawaii Hitler". The Philadelphia Inquirer. Retrieved June 19, 2019.
  15. ^ Pepitone, Julianne (June 21, 2012). "Twitter crashes hard, Internet freaks out". CNN. Archived from the original on June 23, 2012.
  16. ^ Biddle, Sam (November 30, 2012). "The Final Words of a 15-Year-Old Hacker Banned from the Internet". Gizmodo. Archived from the original on June 15, 2014.
  17. ^ Biddle, Sam (December 17, 2012). "Hackers Take Over Westboro Baptist Church Twitter (Updated)". Gizmodo. Retrieved February 6, 2019.
  18. ^ Biddle, Sam (December 19, 2012). "UGNazi Hackers Seize Another Westboro Baptist Church Hate Account". Gizmodo. Retrieved February 6, 2019.
  19. ^ Flood, Brian (January 12, 2021). "Parler CEO blasts AOC, elected officials who called to ban his app". Fox News. Retrieved January 18, 2021.
  20. ^ Day, Andrea (April 27, 2018). "A former hacker reveals what he's learned about cybersecurity". CNBC. Retrieved June 19, 2019.
  21. ^ Honan, Mat (September 11, 2012). "Cosmo, the Hacker 'God' Who Fell to Earth". Wired. ISSN 1059-1028. Retrieved February 6, 2019.
  22. ^ Bekiempis, Victoria (December 28, 2018). "The Dark Tale of a Bitcoin Trader, a Swatter, and a Dead Woman". The Daily Beast. Retrieved June 19, 2019.
  23. ^ "2 Behind Bars In Murder Of American Woman In Philippines". CBS News. December 28, 2018. Retrieved June 19, 2019 – via News 9.
  24. ^ Bernstein, Joseph; Alba, Davey (February 11, 2019). "The American Hackers Accused Of Murdering A Young Woman In The Philippines Pleaded Not Guilty". BuzzFeed News. Retrieved June 19, 2019.
[edit]
Retrieved from "https://en.wikipedia.org/w/index.php?title=UGNazi&oldid=1242503306"