It appears that Anonymous is not quite done going after the Thai justice system with its #BoycottThailand campaign. Recent attacks on almost 300 government sites have been in response to the conviction of two migrant workers in the murder of two British backpackers, David Miller and Hannah Witheridge – a conviction that Anonymous finds totally unjust.
Not only has Anonymous defaced government sites, but it seems they have acquired data. Blink Hacker Group, whose Twitter account, @MyanmarHackers, has been inactive since 2012, uploaded a statement to Ghostbin and Pastebin yesterday (the Pastebin entry has already been removed). In it, BHG writes:
We hacked in Thai Justice Net in order to find some of confidential files after police sites attacked. As you may aware, defacing site liked Police sites could last a few hrs, pages can be restored by any mins. Thus, our mission was not only defacing all Supreme court of Thailand site and along with all province courts of Thailand sites, our target is just to take down their Justice Net and get their information.
Matter of fact, they don’t only host for websites for news and blogs/documents. They have their Management System for all officials / Payroll Slip / Pension / Budget & Planning /Crime Case System and many more with them.
We have taken all of database of Justice Net after attack. Supreme Court of Thailand page is now building from the scratch after moving to new server, all other province courts of Thailand sites are still inaccessible.
The Supreme Court of Thailand’s site/portal does appear to be online today, but attempts to connect to two provincial courts returned web page not available error messages.
BHG claims that they have made the Thailand Judicial Management Database, containing “all of internal information such as staff info, their private phone numbers, their names, attendances entries and more,” available for download. DataBreaches.net is not providing a link to the 111.8 MB (1+ GB, extracted) database and has not downloaded it to attempt to verify its authenticity. Catalin Cimpanu of Softpedia informs me that the data dump appears to be what BHG described.
A link to the data dump was posted earlier to Twitter.
BHG is the same group that reportedly defaced the sites of 13 Thai police websites earlier this month.
In response to the latest attacks and data dump, police said the Technology Crime Suppression Division would track down the self-described hacktivists for prosecution. The spokesperson acknowledged, however, that police still had no clue where the attacks originated from.