Foxconn, the enormous manufacturing supplier to some of the world's largest technology firms has been hit by a new group of hackers looking to make a name for themselves. On Wednesday evening, a team calling themselves Swagg Security claimed they had breached the company’s network.
What followed was a six megabyte archive leaked to Pirate Bay, containing a dump of employee’s usernames and passwords for several of the firm's internal servers, as well as the statement below which was also published to Pastebin.
The site 9to5Mac has since confirmed that the information in the archive on Pirate Bay included stolen login credentials that worked on more than one Foxconn server. Foxconn has since taken the affected servers offline to prevent further access.
So Foxconn thinks they got 'em some swagger because they work with the Big Boys from Intel, Microsoft, IBM, and Apple? Fool, you don't know what swagger is. They say you got your employees all worked up, committing suicide 'n stuff. They say you hire Chinese workers 'cause you think the Taiwanese are elite. We got something' served up good...real good. You’re not going to know what hit you by the time you finish this release. Your company gonna' crumble, and you deserve it.
This is Swagg Security, we aim to reshape your perspectives, our perspectives, by the inducing of entertainment. A unique approach to spreading a unique philosophy which brings the sought after tranquility. In a way we are "hacktivist", but in our own views we are Greyhats. We believe there is no reality in hacktivism, even with good intentions.
We encourage media, security experts, and other interested individuals to explore our leaks. Foxconn did have an appropriate firewall, but fortunately to our intent, we were able to bypass it almost flawlessly. Of course with funding ourselves we did have our limitations. But with several hacking techniques employed, and a couple of days in time, we were able to dump most of everything of significance. We now appropriately give consent to other individuals reading this release, to scavenge through the leaks acquiring usernames and passwords; while attempting to find if they use the passwords anywhere else. Remember damage is bliss. Without further undue, the leaks.
Foxconn said via Twitter that access was gained via an "outdated vulnerability" in a version of Internet Explorer on a computer used internally by the company. The torrent file also contains username credentials and logins for procurement sites and the intranets of suppliers and partners, which the hackers claimed "could allow individuals to make fraudulent orders under big companies like Microsoft, Apple, IBM, Intel, and Dell."
It is not an ideal time for the company, as firms they deal with are becoming increasingly more concerned with media scrutiny regarding the working conditions in Chinese factories. This morning Apple customers plan to drop off over 250,000 signature petitions across the globe in disapproval of their supplier's working practices.