Connect with us

Top News

Who is Zambrius, the Portuguese hacker who gained access to important government structures?

Published

on

Who is Zambrius, the Portuguese hacker who gained access to important government structures?

He entered the system that controls Brazilian elections and was sentenced to six years in 2020 for hacking Benfica and Altis. Portuguese State

“There is always something going on in the suburbs of the Internet,” says the hacker, who at 19 had already hacked into several of the largest companies and public infrastructures in Portugal and Brazil.

Together with a group of hackers led by him Cyberteam, Tomás Pedroso, known in the internet world as Zambrius, gained access to Benfica’s computer systems, obtained some of Altis’s most sensitive data, as well as the network supporting the Brazilian electoral system and the three branches electoral system. General Staff of the Armed Forces. Now, at the age of 21, while awaiting the outcome of an appeal he filed against the six-year prison term to which he was sentenced, the hacker revealed that he gained access to the Garcia de Orta Hospital (at least 16 days before the program ransomware attack), ARS Centro Patient Transport Service, a platform that manages SNS financial resources, and an application that stores national exam data.

READ TOO
Hackers Hack Critical Government Services: Armed Forces, Healthcare and Education Are Vulnerable

However, this young man’s journey into the most hidden corners of the Internet began many years ago. At just 16 years old, he dominated the computer world to such an extent that he had already managed to gain access to some platforms of the highest state structures, such as the Judicial Police or the Prosecutor General’s Office, along with other members of CyberTeam. Eventually, he was caught and detained by the authorities and placed in an educational center for two years.

Attack on the Brazilian elections

Together with other hackers, the young man, who the criminal indictment says will have communication difficulties and attention deficits, took advantage of being under house arrest from May to November to access the Oracle network that was managing the data of the Supreme Electoral Court of Justice of Brazil (TSE) during the first round of municipal elections. In a report by CNN Portugal, the hacker admitted to gaining access to the network, but denied accusations of manipulating information that led to electoral changes.

See also  Portimonense beat Pacos de Ferreira to become Portuguese champion

“I did not manipulate any information despite having access to computers and databases from Oracle, a multinational corporation in charge of processing the election results,” he wrote to CNN Portugal.

He was arrested by the Judicial Police in November 2020 in a joint operation with the Brazilian authorities that identified and detained three youths “for the ongoing crime of unauthorized access, computer damage and computer sabotage.”

Since then, the Zambrius name has become known for hundreds of DDOS attacks that flood servers and render them inoperable, website corruption that corrupts web pages, and SQL injections where it exploits website vulnerabilities to issue commands.

Tomas Pedroso is currently at large, pending an appeal from a six-year prison sentence with a twice-weekly obligation to appear and a travel ban. He was charged with 28 crimes of aggravated access, misuse of data and damage to computers.

Attack on Benfica and Altis

The court, which now found him guilty of computer crimes, charged the hacker with breaking into the website of telecom operator MEO Altice. The State Department believes that Thomas was able to access the company’s databases and “filter data, including names and addresses, customers contained in sales tables, and employees of the sales department.” In total, Zambrius had access to over 123,325 company data, including name, address, mobile phone number, and the companies they work for.

Another abusive access by a young Portuguese occurred in March 2020 when he managed to log into the MyBenfica portal, which was used as a back office for the Fundação Benfica website, which was used by the site administrators to manage and present content. The hacker then provided the credentials of 114 club employees.

Hacktivism or cybercrime

The Defense Ministry’s criminal case file describes the hacker’s actions as “illegal acts of a cybernetic nature,” which the young man calls hacktivism, “as a form of political protest achieved through cybernetic intrusion and incitement to civil disobedience.” “. Thus, along with “unidentified persons”, the young man explored various public and private systems, “scaling privileges and causing database configuration changes associated with the respective sites or other functions.”

See also  John Kasich, a ‘Deeply Worried’ Republican, Techniques Up for Biden

This was the case in the case of the attack on Jornal da Madeira, when Zambrius caused a change in the image of the newspaper’s website, inserting an image of a man with a covered face, in a hood and working at a computer, accompanied by a message against politician Andre Ventura, president of Chega!: “Cyberteam hacked (… ) Cyberteam was here!#antiventura Andre Ventura who f…! A system that e…! Ps: I ran out of patience to write cute text with fancy words!”

CyberTeam also did not pass by the Portuguese Association of Football Referees (APAF). The hacker successfully altered the image of the website, which now featured a photo of Rui Pinto, with a message in which the group questioned an investigation by the Portuguese authorities that did not take into account information posted on the Football Leaks website. “What is Portugal doing to fight corruption in football?” the group wrote.

Prosecutors say that when the young man successfully attacked the target, he proceeded to copy and “extract the information contained in the databases”, eventually claiming responsibility for the social media attacks.

cyberteam

In the history of attacks carried out by CyberTeam, there are hundreds of large-scale intrusions, including EDP. On April 13, 2020, a Portuguese electricity company was the target of a cyberattack that severely affected customer service systems. The announcement came the next day via Twitter, where the pirates threatened to attack Altice and carry out a large-scale attack on April 25 of that year.

At the time, they stated in a Facebook post that around 80% of Portuguese websites could be changed by the group. The hacker collective also claimed to have “access to several important systems in the private and public sector, including some courts, clubs, private companies” and added that “if necessary” they would hack into the television network.

CNN Portugal, a young man assures that the group of computer pirates he helped found is inactive.

Return

All you need is a smartphone and with time and patience you can find vulnerabilities and exploit them. This is what happened to the shortcomings that he discovered in April of this year when he tweeted a series of appeals to various critical platforms of the Portuguese state, including the García de Orta hospital page, the ARS Centro patient transport platform and the National Examination Jury.

See also  Ericeira ranked 4th best Portuguese destination for digital nomads - AZUL-ERICEIRA MAG | Best of EriceiraAZUL-ERICEIRA MAG

In a written response to CNN Portugal, which asked him about the motives for what justice has already deemed crimes, the hacker says that these attacks serve “only to notify” the authorities of the weaknesses that exist in the networks, claiming that they are willing to share with the network administrator the vulnerabilities of these systems. The hacker justifies the focus on health care, education, and defense by saying that they serve to demonstrate that these areas, “which hackers usually seek out for profit,” are not safe.

When asked if he is ready to work with the authorities to find and correct flaws in the most important systems of the Portuguese state, Thomas Pedroso answers with the question: “Why not?”.

Another target of the hacker was dozens of servers of the three directorates of the General Staff of the Armed Forces (EMGFA). Two years after he was able to infiltrate these platforms and be convicted for it, the hacker claims he was able to access the same servers again through the same vulnerabilities that were discovered in the past. CNN Portugal, an official source from the EMGFA, told CNN Portugal that the 2020 vulnerabilities “have been analyzed and actions deemed appropriate have been taken.”

“There are many types of attacks on servers. An attacker can steal information from users and use it for sale or own use, such as accessing ATMs or even bank accounts, can use phishing scams, inject ransomware to obtain ransom, use the victim’s server for future attacks, or mine bitcoins, the attacker locks onto the target as if it were the owner; In short, the attacker can completely manipulate the network and do whatever they want with it,” explains the hacker.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Top News

“His manager is Portuguese and…”; The agent changes plans, and Luis Castro “arranges” the problem in the protection of “Botafogo”

Published

on

"His manager is Portuguese and...";  The agent changes plans, and Luis Castro "arranges" the problem in the protection of "Botafogo"

Botafogo

The defender must return from loan ahead of schedule, and the Glorioso coach will have to make a decision at the beginning of the preseason.

Photo: Jorge Rodriguez/AGIF.  First, Luis Castro does not have Diego Loureiro for 2023.
Photo: Jorge Rodriguez/AGIF. First, Luis Castro does not have Diego Loureiro for 2023.

With the end of the season Botafogo its reformulation is already underway with the participation of Luis Castro. Names like Carlinhos, for example, have already left General Severiano, but there is a tendency for the “purge” to continue a little longer. Especially with the return of borrowed athletes during the year.

goalkeeper case Diego Loureiro, who played on loan at Atlético GO, promoted to Serie B. Curiously, the Botafogo archer has a contract at Goiania until the end of 2023, but Dragao president Adson Batista is pessimistic about the player’s consistency.

“Diego Loureiro is a bit off because he still has a contract with Botafogo, his manager is Portuguese and he has a different vision.” said the director in an interview with radio Sagres from the capital of Goiás.

The goalkeeper played only two games for Atlético-GO, who were betting on Renan in the starting lineup. If he returns to Rio, Loureiro will likely see high competition in the black and white net as Luis Castro now has alternatives to Gatito Fernandes and Lucas Perry.

See also  Miguel Oliveira qualified eighth for the Japanese Grand Prix.
Continue Reading

Top News

Portuguese footballer, former Sporting player, flees the country

Published

on

Portuguese footballer, former Sporting player, flees the country

Ruben Ribeiro is accused of domestic violence and was arrested two weeks ago. He left with a term of identity and residence and disappeared from the “trace” of the authorities.

Ruben Ribeiro left Portugal a few days after his arrest due to accusation of domestic violence.

The wife blamed the 35-year-old Portuguese footballer last month.

Woman introduced several episodes of physical and psychological abuse over the past few years – some of which in front of the couple’s three children.

The court considered that the football player’s wife was in danger and, therefore, arrested Ruben about two weeks ago, November 16th.

The midfielder was questioned by the referee, but later releasedindicating the identity and place of residence – with a ban on contact or approaching the victim and under electronic surveillance.

However, the player has disappeared. O morning Post indicates that the General Directorate of Reintegration and Prison Service went to the defendant’s house to install an electronic surveillance device, but when it arrived, the accused was not.

The player also received a phone call, but this never answered🇧🇷 He did not cooperate, according to the Porto Criminal Court.

The newspaper writes that Ruben Ribeiro is in Turkey – His club is Hatayspor, but the family is still in Portugal.

The court has not yet decided what it will do after that. violation of coercive measures – An international arrest warrant may be issued.

Despite this development, the wife’s lawyer assures that she ” trusting that institutions know how to ensure justice and adequate protection for victims.”

See also  Portuguese League of Legends professional player has created his own brand

Born in Porto, Rubén Ribeiro grew up playing for Boavista and the Leixoyes. Later distinguished himself in the service of river birdwhich brought him a move to Sporting.

He played in Alvalada for only half a season; was one of nine players who terminated the contract with the club after hitting the gym in Alkoshet, 2018.

ZAP //

Continue Reading

Top News

Inevitable consolidation? Portugal’s banking was the second most concentrated in Europe in two decades – ECO

Published

on

Inevitable consolidation?  Portugal's banking was the second most concentrated in Europe in two decades - ECO





Inevitable consolidation? Portugal’s banking was the second most concentrated in Europe in two decades – ECO































Your browser is out of date!

Update your browser to get the best experience and visualization of this site. Update your browser now

×

See also  Miguel Oliveira qualified eighth for the Japanese Grand Prix.
Continue Reading

Trending