EC-Council, Security Certification Group website hacked and defaced


Warning: Illegal string offset 'filter' in /home/crypton1/public_html/mobilesecuritythreat.com/wp-includes/taxonomy.php on line 1409

“Although EC-Council has been respected by corporations and governments, many in the in the security community don’t agree the way they certify and considered it as useless certification ” 

Analysts predict that Passports of more than 60,000 US military and government IT professionals at risk

Hacker went by the name of Eugene Belford, claims to have obtained 1000’s of scanned passport pages. He specifically mentioned that .mil and LE officials were targeted. ( Eugene Belford named for the “thieving evil computer genius” from the movie Hackers)

The defaced website on EC-Council website had a picture of Edward Snowden’s passport page and read :

Defaced again? Yep, good job reusing your passwords morons jack67834#

The hacker further states that he has thousands of passport and other information along with an e-mail from him to the council from 2010.

The hacker referred to an attrition.org page that has shows the anger against the certifier.

EC-ISC2-Hack

Attrition.org says. “EC-Council’s history is mired in controversy, with a wide variety of criticism coming from both the education and information security professions,”  Furthermore “The company not only runs an extensive certification program, they also operate a virtual university. This has not stopped them from taking shortcuts usually reserved for students, by plagiarizing content from other sources and including it in their commercial offerings.”

This is not the first time they were hacked.  Its appears that EC-Council  don’t follow what they preach as a gold standard of Information Security. Professionals deserve a response for such hacks and they have not released any statement which has created anger in Security community

The e-mail screenshot posted to the organization’s homepage, security researcher Ashkan Soltani and Collin D. Anderson suggested on Twitter that the “attacker hijacked DNS and gained access to GApps through domain verification account reset.” — stated by Arctechnica

Share Button
Tagged with 

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>