Snatch gang claims the hack of the Department of Defence South Africa and added the military organization to its leak site.

I'm taking this with a pinch of salt. More to it than meets the eye IMO.
 
[Attached image]

Hi, I’m new around here

I’ve checked into the matter and basically there’s a full-on list with every top military personnel’s information, from email to phone number to birthday, etc. (see the image)

I’m currently trying to securely download the 499GB archive to see what was actually stolen but the download is going to take over 5 days since it’s coming from a Russian server host called “azerta” (45.95.67.48), download speed is averaging 500kb/s to 1mb/s so let’s wait and see
 
The attackers have released a statement saying they are not the same Snatch as the group Sophos discovered in 2019.

Update:

Following media reports about the data breach, the attackers have stated that they are not the "Snatch" ransomware gang.

"We have nothing to do with the Snatch ransomware project that appeared in 2019 and existed for about 2 years," they claim.

"We are the Security Notification Attachment (SNAtch for short) Team, a group specializing exclusively in leaked sensitive data."

The group said it does not deal in ransomware.

"We don't aim to stop a company [or critical infrastructure] from operating by attacking it with software that blocks the control servers," Snatch stated.

"If journalists analyze our work carefully, they will see that not a single client of ours has been attacked by a malware that can be called Snatch," they said.

"Yes, many of them have been attacked by various ransomware, as we are open for cooperation and often groups that work in this direction give us unique confidential data that were leaked from the attacked companies. But once again, the Snatch locker that we are compared to in the media has never been used."
 
Department of Defence walks back "fake news" statement about data breach

The South African Department of Defence has retracted denials that its network was breached while it further investigates claims by cyber extortion gang Snatch.

Snatch, so named for the iconic Guy Ritchie movie and apparently a backronym for “Security Notification Attachment”, claimed responsibility for an attack on the South African Department of Defence last week.
 
> Department of Defence walks back "fake news" statement about data breach
>
> The South African Department of Defence has retracted denials that its network was breached while it further investigates claims by cyber extortion gang Snatch.
>
> Snatch, so named for the iconic Guy Ritchie movie and apparently a backronym for “Security Notification Attachment”, claimed responsibility for an attack on the South African Department of Defence last week.

MyBroadband hasn’t responded to my email and doesn’t seem to want my help with this :(

I was able to get to 100GB through download and then the server went offline and the download failed.

The data posted is from all computers linked to the DOD. We’re talking every employee’s Desktop, Document and Downloads folder. After searching through what I have, I found some classified payroll information and A LOT of documents. Bear in mind this is the first gigabyte of the archive, which I obtained through contacting someone at Snatch over the dark web for a favour.

Y’all can check my Twitter for what that looks like
 
> MyBroadband hasn’t responded to my email and doesn’t seem to want my help with this :(

Check your email again ;-)

I responded last night before publishing the update.
 
This may be the biggest data leak and scandal of all-time...

Seriously, their systems need upgrades... With the recent defence systems I have seen at the Air show earlier at Waterkloof Air Force base, they are still running old computer systems that predate Windoze XP, and 1995-like hardware. I wouldn't be surprised if they ran an FTP server or common server software that has not been updated since the 2000s. "Why bother upgrading if it still works" mentality?

Wasn't there a matric exam memorandum leak a while back, available on the Department of Education's FTP/file server, that was open for all?
 
Just a random thought, if the Wagner group is so prevalent in Africa, what’s to stop similar groups from being active in South Africa? Just like our neighbours, we have a non-existent army and a corrupt government easily bought. I wouldn’t be surprised if there is an amount of Russian influence being exercised here.
 
> Just a random thought, if the Wagner group is so prevalent in Africa, what’s to stop similar groups from being active in South Africa? Just like our neighbours, we have a non-existent army and a corrupt government easily bought. I wouldn’t be surprised if there is an amount of Russian influence being exercised here.

You been watching too much TV.
 
Whenever I see a government website is hacked I am reminded of this gem from 2013 when SAPS whistle blower data was leaked:

eNCA.com alerted the police to the security breach, to which spokesperson Phuti Setati responded: “Our site is in order - we have not been hacked. There’s no such – our website is operating normal, we don’t have a problem with our website and they never experienced any problems."
 
How much more likely is it that the country that has never hacked or is never involved in hacking, is behind this... the USA
 
> This may be the biggest data leak and scandal of all-time...
>
> Seriously, their systems need upgrades... With the recent defence systems I have seen at the Air show earlier at Waterkloof Air Force base, they are still running old computer systems that predate Windoze XP, and 1995-like hardware. I wouldn't be surprised if they ran an FTP server or common server software that has not been updated since the 2000s. "Why bother upgrading if it still works" mentality?
>
> Wasn't there a matric exam memorandum leak a while back, available on the Department of Education's FTP/file server, that was open for all?

Upgrades won't make much difference; security like this requires full-time dedicated experts as well as security-savvy users.
 