Cyber vandalism: Turkish hacker claims gaining access to NADRA, FIA servers

Published: December 15, 2012
“I do this to show them[Pakistani hackers] they are not [the] only ones hacking big targets on the planet,” the hacker said. PHOTO:FILE

“I do this to show them[Pakistani hackers] they are not [the] only ones hacking big targets on the planet,” the hacker said. PHOTO:FILE


The Turkish hacker – who recently defaced Google Pakistan’s webpage along with 284 other .pk domains – has claimed to have access to the National Database and Registration Authority (Nadra) and the Federal Investigation Agency’s (FIA) servers, potentially acquiring personal data of millions of Pakistanis.

According to a TechCrunch (TC) report published on December 13, the hacker, Eboz, had hacked the servers of PKNIC, the internet registry that manages top level domains for Pakistan on November 24, thereby defacing and hundreds of other websites with similar domains.

In a recent interview with TC, a reputable website for technology news and analysis, the hacker made fresh claims that he has access to Nadra and FIA servers. The former stores all the personal information of every Pakistani citizen, while the latter’s database contains confidential information that, if leaked, could pose a threat to national security.

According to the report, Eboz, between 17 to 21 years of age, is targeting Pakistani websites to demonstrate his hacking skills to Pakistani counterparts.

“Pakistani hackers are claiming to be [the] ‘world’s best hackers’,” he told the author of the report in the interview, which was conducted via instant messaging service. He particularly mentioned Pakistani hackers zombie_ksa and script-kiddie, who, he said, have hacked Google a few times.

“I do this to show them they are not [the] only ones hacking big targets on the planet,” the hacker said. “I also gained access to NADRA and FIA Pakistan, NADRA which holds information on every citizen in Pakistan, and [the] FIA which has every record of crime in Pakistan, [it is a] pretty good compilation,” he added.

Explaining how he gained access to these websites’ servers, Eboz said he used different methods. Pakistan is not as secure as it claims to be, he said. “SQL [SQL Injection, a technique used to attack a website] can be used to inject and spawn shell/backdoors,” he added.

Responding to a question about the defacement of the hacked websites, Eboz said he first hacks into a website, then extracts important information. After extracting the confidential data, he defaces the site, “Sometimes for political reasons, or maybe just for fun.” Describing what he does with the stolen data, he said that he hacked mass accounts from social networking giant Facebook and sold them on some forums to earn money.

When questioned about the credibility of his claim and whether he was the same hacker who defaced, Eboz shared the bug he used to take down the websites with TC. But it did not publish it on his request.

FIA, NADRA’s versions

When contacted, an FIA official said their data was secure and their website protected. He, however, said he could give a detailed response on Monday [December 17].

Issuing a statement, NADRA said that such claims of hackers were baseless and its core products and services were intact and enough security controls were implemented to safeguard citizens’ data.

Published in The Express Tribune, December 15th, 2012. 

Facebook Conversations

Reader Comments (17)

  • Thinker
    Dec 15, 2012 - 12:21PM

    This kind of news are meant to promote hatred among two countries who have good relations.Iran has shot and killed Pakistanis inside Pakistani territory but there was not much talk about that and media kept it down.Recommend

  • Mohammad Ali Siddiqui
    Dec 15, 2012 - 1:11PM

    Hacking is very similar to kidnapping a person but the hackers kidnap a website.

    Where is internet Police and what they are doing?


  • The blue danube
    Dec 15, 2012 - 1:45PM

    Good job EBOZ .Long live Turkey and Punjab friendship .


  • PPL
    Dec 15, 2012 - 2:22PM

    i wonder what NR3C is doing..


  • Pakistan.
    Dec 15, 2012 - 2:30PM

    Lol this seems fun! Pak Hackers v Israel, Bangladesh, China and now Turkey! lol. Who’s next?!


  • Truth
    Dec 15, 2012 - 4:13PM

    What a waste of time!!!


  • Umar
    Dec 15, 2012 - 5:06PM

    I am not surprised at this hacker but I’m surprised at our security systems for official NADRA and FIA servers. I am surprised over what they teach in our universities to people who end up developing these so called secure websites.

    SQL injection is one of the most common security vulnerabilities for a website and is quite easy to prevent. (but I am guessing since we have this great cramming form of education, people fail to learn the ins and outs of developing websites). The simplest solution is (if you are a programmer)

    Filter all input, escape all output! In most server side languages, this is done by a single or a couple lines of code.

    Also all passwords should be encrypted with rainbow tables or with Bcrypt hashing so that even if a hacker gains access to a database, he should not be able to read the passwords, just the hashes which are very difficult to decypher if you do not know the secret decryption key. Also passwords should never ever be written in the source code, but as Global Variables visible only on the server. This way if a hacker gains access to the code, he will not be able to see the passwords.

    Servers should all be protected with SSH RSA keys and NOT using passwords. RSA keys ensure that only those people who have the key installed in their systems can access a server. IP Tables should be used to protect against brute force attacks on a server. And no, I never learned this at any university, all through the internet and internet communities. Our youth needs to use the internet to it’s full potential, but all they use it for is Facebook, porn and Youtube. Our government is busy banning every one of these sites over the façade of sensitive religious beliefs. Youtube is an incredible resource for learning if used properly instead of watching stage dramas.

    Oh, and in case someone is competent enough to learn all of this, they are never given a chance to progress, because we have some General/Minister/Land Lord’s son for the right job instead, and the bright kids are just pushed around the society from one bad job to another until they get fed up and for survival go abroad creating a brain drain in the country. This is what happens in a society that is corrupt from the ground up. Don’t blame the hacker, take a peek in to your own collars first, and you’ll see the problem.


  • Ahmed
    Dec 15, 2012 - 6:42PM

    Turkish or Indian? Looks like a wolf in sheep clothing.Recommend

  • Vampire
    Dec 15, 2012 - 7:58PM

    Turkish or whoever, who cares, we’ll take revenge from India :D


  • Vampire
    Dec 15, 2012 - 8:03PM

    They are Indian Hackers and just wrote the message in Turkish and message says “Where are you sleeping friends?” as Pakistani Hackers wrote “We are not sleeping” on Indian websites in retaliation last year.

    So in short, they are Indians and sending message to Pakistani Cyber Army… I’d say your message is received and you please be ready for a GRANDSHOW at New Year’s eve.


  • JSM
    Dec 15, 2012 - 8:11PM

    Here is a dose of your own medicine. Chickens come home to roost.


  • concerned citizen
    Dec 15, 2012 - 8:40PM

    All these ‘hackers’ making the headlines lately are laughable because they are just exploiting very basic vulnerabilities, which are well known. The fact that our top agencies, always fail to secure their systems (obviously because of corruption everywhere) is the reason why they’re easy targets. To know that information from NADRA has been stolen is quite worry-some though. For all the racket going on against Pakistan in the world, anyone who has access to citizen information from Pakistan can do ID theft and god knows what they’d do with that in the wrong hands.

    In all other countries, this would be taken seriously but in Pakistan, sadly people don’t know the magnitude of this problem or what harm it can potentially cause. If people were more aware, there would be noise and this would have been taken care of. So everyone reading this, spread the word.


  • no1
    Dec 15, 2012 - 8:40PM

    I don’t think any one should admire the security breach if it is what the hackers claim.Our responsibles should be more capable and vigilant, but there are reported events where CIA and NASA like companies being attempted successfuly, does it means every information these organizations have been leaked ,copied or modified. I don’t think so.

    Isn’t it a stupid thing ,by having web site address through a dns client, run crafted request to get web server and operating system signature and then tons of exploits can give some hit doesn’t mean you got US all.


  • Bhatti
    Dec 15, 2012 - 10:35PM

    lol! hahahahahaa


  • Mohsin
    Dec 16, 2012 - 12:29AM

    NADRA uses ‘intranet’ not internet. This is just a rubbish story!


  • Savvy
    Dec 16, 2012 - 2:45PM

    NADRA’s website does not contain any citizen database…It’s mere website with superfluous introductory stuff about the authority. NADRA uses the most secured software systems which Pentagon and FBI are currently using. Even Hacker’s father can’t have a fig of access to NADRA’s database that is not on internet, except mere website.


  • anwar
    Dec 17, 2012 - 9:15PM

    Totally believable story knowing the capabilities of NADRA. but the Turkish competence is not believable. It must be an Israeli posing as a Turk


More in World