Charlie Hebdo, a first analysis


A data theft of enormous political proportions. Sensitive data, closely tied to state secrets and to the confidentiality of terrorism investigations, is online.

The satirical magazine Charlie Hebdo has been targeted by a ransomware attack, and 21 GB of the company's data is on sale for 50 thousand dollars.

A French law firm (Remy Le Bonnois) was the victim of a ransomware attack last June (claimed 10 days ago by the Everest group). This allowed the dissemination of confidential files relating to the Charlie Hebdo massacre and the murder of the teacher Samuel Paty.

It is an unprecedented data breach, which RTS became aware of during its research into the hack that took place in Switzerland. The data is ultra-sensitive, particularly that relating to counter-terrorism.

In total, 1,300,000 files, equal to 820 gigabytes, were hacked from a French law firm active in Paris and Lyon in particular. The firm specializes in assisting victims and has worked on several high-profile cases, such as the Charlie Hebdo massacre in 2015 or the terrorist murder of the teacher Samuel Paty a year ago.

So reports RTS.

I would also point out that 10 days ago the complete data, including that of the law firm, was on sale on the Tor site of the Everest ransomware group. Today, however, only the Charlie Hebdo data is available, for a lower amount (50K, in fact).

How the offer appeared from 14/11 until 22/11

The RTS analysis

The result: thousands of files related to these two cases can now be found on the darknet, and have been there for ten days.

These documents contain an astronomical amount of sensitive information from the investigation files of the two cases. There are investigative records, such as technical reports illustrated with photographs, or the minutes of hearings of witnesses and defendants. There are autopsy reports and records of intercepted phone calls with the names and telephone numbers of the interlocutors.

There are also requests or judgments, as well as correspondence between the parties and the prosecution. Various documents contain the first names, surnames and, sometimes, the contact details of the investigators, magistrates or police officers involved. These documents reveal how the French counter-terrorism police work and which software they work with. We also learn which potentially dangerous organizations are under surveillance.

The law firm has taken steps to contain the effects of this attack. It points out that its servers are hosted in a datacenter with all of the appropriate certifications. It says it is “particularly concerned about this situation.” “Our company,” it writes, “as well as the customers that we stand for, are the first victims of this act of piracy”.

Charlie Hebdo and Iran

It is not the first time that the French magazine has been targeted by cyber attacks (even if in this case the hack occurred indirectly, via the law firm). On 30 June last, in fact, new documents were exposed showing the plans of the Iranian cyber-espionage company “Eeleyanet Gostar” (also known by the military name “Shahid Shooshtari”), in collaboration with the IRGC's Cyber Unit, to hack the Content Management System (CMS) of the French magazine “Charlie Hebdo”.
As can be seen in these documents, the regime is willing to use any method to promote the ideology of its ayatollah, even at the cost of abusing photos of people murdered in France, threatening French citizens, defacing French websites and spreading propaganda, all in the hope of pushing the French people into a religious civil war.

This story and these investigations are in full swing, so I will post further updates when new material comes to my knowledge. Keep in mind that the Whistleblowing section of this site is always available to anyone with useful material to work with.
