UGNazi (Underground Nazi Hacktivist Group) is a hacker group responsible for several major and well-publicized cyberattacks. The group was very active in 2012 when they attacked multiple organizations utilizing techniques such as social engineering, data exfiltration, and denial of service (DoS) against the websites of targeted organizations.
During this period, UGNazi was purported to be responsible for these cyber incidents, among others:
- Defacing the website of Ultimate Fighting Championship in response to the UFC’s support of the Stop Online Piracy Act.
- Launching distributed denial of service (DDoS) attacks on US Federal Government agencies, including the Central Intelligence Agency and the Department of Justice. This attack was believed to protest the Cyber Intelligence Sharing and Protection Act.
- Exfiltrating data from a database belonging to the Washington Military Department. This hack included a release of user account information.
- Launching a socially engineered attack on the UK-based web host billing software developer WHMCS. WHMCS provides a leading web hosting automation platform and automates operations for web hosting businesses worldwide. The attackers gained root access to WHMCS’s web server and leaked WHMCS’s SQL database, website files, and cPanel configuration. The stolen database contained about 500,000 stored credit card numbers. The Register also noted that the credit card information was “salted” and hashed, but a decryption key to recover the details was stored in clear text. UGNazi hackers allegedly found the decryption key in the root directory of WHCMS’s compromised server. Note that hashing is a process that converts a password to ciphertext using hash algorithms. A hashed password cannot be decrypted, but many hackers will attempt to reverse engineer it. Password salting adds characters at the beginning of the end of a password before hashing to obfuscate the actual password further.
There are many other hacktivist groups, such as UGNazi. They include:
Anonymous is one of the most well-known hacktivist groups. They have become well branded by the Guy Fawkes mask, which their spokespeople use to announce their pending activity. Anonymous said the mask represents a “unifying symbol against the forces that still promote discrimination, corruption, injustice, and oppression in any form in our society today.” The Anonymous website further notes, “The mask stands for stamping out oppression.”
Anonymous is a highly decentralized hacking group primarily known for unleashing massive DDoS cyberattacks. These DDoS attacks have targeted political figures, governments, and more.
The Legion of Doom
The Legion of Doom is a hacking group that has contributed notably to knowledge about the techniques used in hacking through their published works. Their publication, the Hacker Manifesto, presented their views on the ethics and goals of hackers worldwide. The Manifesto has become a core part of hacktivism culture, as was seen in the movie “Hackers.”
The Masters of Deception
The Masters of Deception was known for targeting and exploiting telecommunications companies. The Masters of Deception espoused the belief that hacking capabilities must be earned. Amazingly, their members had to take initiation tests during which they would demonstrate sufficient hacking knowledge. The Masters of Deception was ultimately identified and subsequently arrested by the FBI.
The Chaos Computer Club
The Chaos Computer Club is one of the largest hacking groups in the world. Their membership appeared to be based primarily in Europe. The Chaos Computer Club was known for advocating for complete government transparency. The Chaos Computer Club found vulnerabilities and exposed them with their hacking for the greater good of the public. Their mantra included the belief that people should have free access to computers.
The Homebrew Computer Club
The Homebrew Computer Club was initially formed in Silicon Valley. Many famous hackers and computer engineers came from this group. This group fostered a curiosity about technology and collaborated extensively to understand all the facets of the latest computer technologies and the vulnerabilities they presented.
The Lizard Squad
The Lizard Squad hacking group claimed credit for an attack on Malaysia Airlines. They have also tried to take credit for an attack upon Facebook that allegedly brought the service down. Additionally, the Lizard Squad has been targeting popular game servers with DDoS attacks. On a different note, The Lizard Squad has claimed to have taken the entire internet down in North Korea using a DDoS attack.
UGNazi is one of Many Hacktivism Groups
Hacktivism is about making a political or social statement by bringing attention to the misuse of information technology resources and the internet. They can attack any type of business, government institution, and groups that may be more nefarious in their intent. Hacktivist groups include terrorists, pedophiles, drug dealers, and many more.
Hacking means, of course, illegally breaking into someone’s computer. Hacking combined with social “activism” nets out the new term “Hacktivism” is a combination of the two.” Hacktivism was coined in the mid to late 90s by one of the members of the Cult of the Dead Cow.
Most hacktivist attacks are intended to promote an ideology or perhaps attack an ideology the hacktivists see as a threat to their cause. The methods used by hacktivists can vary across a broad spectrum of damaging and illegal activity.
Want to learn more? Check out our FREE Bugcrowd University to sharpen your hacking skills.
Organizations the world over need your help! Join our researcher community to connect with hundreds of organization programs focused on finding their security vulnerabilities. Our vast directory includes programs for all skill levels, across many industries and from around the world.
Get started with Bugcrowd
Hackers aren’t waiting, so why should you? See how Bugcrowd can quickly improve your security posture.