Over the weekend a hacker going by the name of “Mizaru” of “GhostSecurity France” claimed responsibility for the hack and leak of two international government agencies. The first leak targeted Ministry of Health and Public Hygiene of Mali and the second targeted the Skills for Employment Investment Program in Bangladesh. At the present moment in time their appears to be no correlation between the two instances and not much is known about the hackers or their group. For example, Mizaru just joined Twitter in January 2019 and the leaks provided below account for two of their first three postings to the service.
This is the first time Mizaru has leaked anything to Rogue Media Labs, and the leaks are somewhat different than what I am used to dealing with. For example, the first leak from Mali doesn’t necessarily contain much information from inside the databases effected. Rather, it is a mirrored copy of what the files contained within the sites databases look like. Browsing through the leaked information though, it is clear that the hacker compromised the website via SQL Injection, granting them access to MySQL version 10.13 databases containing Distrib version 5.6.13 files hosted on a Windows Operating System (OS).
Ministry of Health and Public Hygiene of Mali: hxxps://sante.gov.ml/
Raw Data Leak: https://ghostbin.com/paste/s74v6
The second leak effecting the Skills for Employment Investment Program of Bangladesh was a little more “traditional” and featured much more information. For example, the leak provided personally identifiable information on over 600 students, including their full names, date of births, addresses, phone numbers, personal emails, religion, spouses, parents, siblings, bank accounts , school ID numbers and much more.
Skills for Employment Investment Program: hxxp://seip-fd.gov.bd
Raw Data Leak: https://ghostbin.com/paste/zbgk3
Browse Through Leak:zbgk3 - Ghostbin