The Impact-Team, the hacking group which is allegedly behind the greatest hack this year has just released a second archive containing data from Ashley Madison on the same webpage as the first one. This time, the leak contains lots of source code
73 different git repositories are present Ashley Madison used gitlab internally. The 13GB compressed file which could contain AM CEO’s emails seems corrupted. Is it a fake one? The leak contains plain text or poorly hashed (md5) db credentials. It was also released with a message referring to AM CEO, Noel Biderman, who stated that the previous leak might be a fake.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey Noel, you can admit it's real now - -Impact Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJV1VRfAAoJECQ3PNV0q6o4rKMP/0+1JUAg3fTN5iL7kqfoAKj/ YM5Ed5ZzUtsIdwZOmm9zuxyFSTVIwslf8tMyYBnSCGMpT7zXwckkcyJmGR7yu6tj f+CiBcwZOfVfGWsxV69PrfvBbmHoIovuBv2n6fVhRWkzgpotRyK1WNHTDBWKkrKP LKtXp+9xp/8d1f8wPMTU7HDiRNPaG1PErFtr4T7E/OiSPXNiaFRAWMm6kDDazVeD fTNoCaJchz4GEz5DXlePS+cX3CoNms8w+1OFKdxjux7WsVqquNY6yjcm9tP1ybvT nvzJYLz0dYwxJ/THgHARr+zJjZsFNKeL1Ts1F7j4TXl41YWr0N+H/Ohm7WtTMb2I 4trpNrag/7vOn89YPNbhPH4MKTepkbRtlHucorrh6YMbULKpkf970DmG8HqzVNEj nyA/KTgWL2hSfUvLdcBvG27dD7HWR/k81uBCd6uie3L2JO8wFVIuATwGUFAWWX5y NvcQgF/xgvvBrxTs4nNWs5TguNychtQTc1duUi0QrAE2DZkBWpSxG3HE5rLhQUDn 7ImbbHnNU9+PgwV+LxRCAPoUMDJc85/QG0+UMW2MJC2iGOKcPQD4BpmTNOfvJlU+ RB98fH+VWVfBT+/KdfqoDI3liiR6BAX9aCIQMhVpJnA7owMh+/HOLEeh/AbQnp59 ft1FwTGBCJB/eXxYf/1P =5omL -----END PGP SIGNATURE-----
The archive is 19GB, which is the double of the first part of the leak. It contains the following files:
The leak contains lots of gitlab repositories. Here are the name of the projects and the name of the different repositories:
Contains all gitlab repositories related to the website.
avid is the name of the company behind Ashley Madison.
This archive contains 12 gitlab repositories, belonging to the avid user.
The repositories are:
Contains four gitlab git repositories belonging to a qa user. The four repositories are qa-duck.wiki, qa-duck, qa-automation and am-automation.
More to come as I scrap through the data from this archive. This article will be updated during the next hours (dl @92.2%. And slowly downloading. Yay.)
Another (more complete) article will come in a few days with details on both parts of this leak.