
Politician Hack: This is how large parts of the data were collected!

All of Germany is puzzling over the politician hack: the origin of the stolen data, its purpose and, above all, the perpetrators. One thing is already certain: the perpetrator or perpetrators went to a lot of trouble.

They collected data, categorized and sorted it, and marked victims according to their interest in the attack. But where did the data come from? It is too extensive for a single phishing attack. We set off on a search.

The origin of the data is diverse – but the problem is the same.

We looked at the extent of the stolen data and puzzled over its origin. For a targeted (spear) phishing attack like the ones we carry out to raise employee awareness, the amount of data is simply too large and too widely scattered.

After all, it ranges from the politicians' private addresses to mobile phone numbers, bank data and chat logs. In addition, some pictures and real names of the new generation are also available for download.

The question is currently omnipresent: where did the data in the politician hack come from?

A spot check (n>20) showed that all checked accounts had already appeared in earlier data thefts. In some cases, information such as the password was or still is available in plain text on the Internet, and not only in the data set that is now being hotly discussed. With the help of this data, the bridge to other platforms, services and accounts can be built without much effort. Same password? Big problem!

And even if no password has been stolen, in some cases the security questions have been. In the end, many roads lead to Rome. Our live hackings have been showing this for years. The technical vulnerability of many websites is responsible for the current hacker attack.

Anyone with staying power, which the attacker or attackers have proven to have, can collect, categorize and abuse data. In this case, the data was made available to the public. From our point of view, this is how a grey hat hacker operates.

The stolen data from the politician hack is explosive and paves the way for further hacks.

The dataset is a perfect setup for further fraud schemes. At this point we do not want to go any further into the possibilities of abuse. The only advice we can give at this point is:

  1. Change passwords
  2. Change security questions
  3. Enable two-factor authentication
  4. Delete/discard old sessions

The first step is to put a stop to the freeloaders of this world.

Public information remains public. The available Pastebins have long since been copied several times. The attackers have shown society the problem and the potential scope of data theft. Now it is time to do the homework: raise awareness, train proper handling and secure the infrastructure.

This time it hit "only" a few people. Out there are millions more people who do not know that their data has been stolen. Data that can be used to compromise their digital identity.

Vincent Reckendrees

Hello, I am Vincent Reckendrees and I lead the Offensive Services team at AWARE7 GmbH. In my bachelor's and master's studies I specialized in IT security, and I am a BSI-certified IS penetration tester. My passion is reverse engineering, hardware security and web security. As an expert in penetration testing, I find vulnerabilities in systems and networks and use them to simulate realistic cyber attacks and improve security measures. Through reverse engineering I discover flaws and opportunities for improvement in software and hardware. My skills in hardware and web security enable me to protect physical devices and online platforms against a wide range of cyber threats and to ensure their integrity and reliability.