UGNazi (Underground Nazi Hacktivist Group) is a

hacker group Hacker groups are informal communities that began to flourish in the early 1980s, with the advent of the home computer. Overview Prior to that time, the term ''hacker'' was simply a referral to any Hacker (hobbyist), computer hobbyist. The hacker ...

. The group conducted a series of

cyberattack A cyberattack (or cyber attack) occurs when there is an unauthorized action against computer infrastructure that compromises the confidentiality, integrity, or availability of its content. The rising dependence on increasingly complex and inte ...

s, including social engineering,

data breach A data breach, also known as data leakage, is "the unauthorized exposure, disclosure, or loss of personal information". Attackers have a variety of motives, from financial gain to political activism, political repression, and espionage. There ...

, and

denial-of-service attack In computing, a denial-of-service attack (DoS attack) is a cyberattack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host co ...

s, on the websites of various organizations in 2012. Two members of UGNazi were arrested in June 2012; one was incarcerated. In December 2018, two members of UGNazi were arrested in connection with a murder in

Manila Manila, officially the City of Manila, is the Capital of the Philippines, capital and second-most populous city of the Philippines after Quezon City, with a population of 1,846,513 people in 2020. Located on the eastern shore of Manila Bay on ...

Attacks

In January 2012, UGNazi defaced the website of

Ultimate Fighting Championship The Ultimate Fighting Championship (UFC) is an American mixed martial arts (MMA) promoter (entertainment), promotion company based in Las Vegas, Nevada. It is owned and operated by TKO Group Holdings, a majority owned subsidiary of Endeavor ( ...

in response to the UFC's support of the

Stop Online Piracy Act The Stop Online Piracy Act (SOPA) was a proposed United States congressional bill to expand the ability of U.S. law enforcement to combat online copyright infringement and online trafficking in counterfeit goods. Introduced on October 26, 20 ...

. On April 24, 2012, UGNazi performed

distributed denial-of-service attack In computing, a denial-of-service attack (DoS attack) is a cyberattack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host conne ...

s on the websites of the

Central Intelligence Agency The Central Intelligence Agency (CIA; ) is a civilian foreign intelligence service of the federal government of the United States tasked with advancing national security through collecting and analyzing intelligence from around the world and ...

and the

Department of Justice A justice ministry, ministry of justice, or department of justice, is a ministry or other government agency in charge of the administration of justice. The ministry or department is often headed by a minister of justice (minister for justice in a ...

in protest of the

Cyber Intelligence Sharing and Protection Act The Cyber Intelligence Sharing and Protection Act (CISPA (112th Congress), (113th Congress), (114th Congress)) was a proposed law in the United States which would allow for the sharing of Internet traffic information between the U.S. gove ...

. In May 2012, after compromising a database belonging to the

Washington Military Department The Washington State Military Department is a branch of the state government of Washington, United States. The Washington State Military Department has several major operational divisions: * Washington Emergency Management Division * Washington ...

, UGNazi leaked sensitive

DNS The Domain Name System (DNS) is a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks. It associates various informatio ...

information used by the US state of

Washington Washington most commonly refers to: * George Washington (1732–1799), the first president of the United States * Washington (state), a state in the Pacific Northwest of the United States * Washington, D.C., the capital of the United States ** A ...

. They also leaked the account details of about 16 users, consisting of usernames and password hashes, including those of the website's administrator. UGNazi performed a social engineering attack on

web host A web hosting service is a type of Internet hosting service that hosts websites for clients, i.e. it offers the facilities required for them to create and maintain a site and makes it accessible on the World Wide Web. Companies providing web h ...

billing software developer WHMCS. A member of the group called WHMCS' hosting provider, impersonating a senior employee. They gained

root access In computing, the superuser is a special user account used for system administration. Depending on the operating system (OS), the actual name of this account might be root, administrator, admin or supervisor. In some cases, the actual name of the ...

to WHMCS's web server and leaked WHMCS's

SQL Structured Query Language (SQL) (pronounced ''S-Q-L''; or alternatively as "sequel") is a domain-specific language used to manage data, especially in a relational database management system (RDBMS). It is particularly useful in handling s ...

database, website files, and

cPanel cPanel is web hosting control panel software developed by cPanel, L.L.C. It provides a graphical interface (GUI) and automation tools designed to simplify the process of hosting a web site for the website owner or "end user". It enables adminis ...

configuration. The leaked database contained about 500,000 stored credit card numbers. On June 4, 2012, UGNazi targeted

4chan 4chan is an anonymous English-language imageboard website. Launched by Christopher "moot" Poole in October 2003, the site hosts boards dedicated to a wide variety of topics, from video games and television to literature, cooking, weapons, mu ...

with a

DNS hijacking DNS hijacking, DNS poisoning, or DNS redirection is the practice of subverting the resolution of Domain Name System (DNS) queries. This can be achieved by malware that overrides a computer's TCP/IP configuration to point at a rogue DNS server unde ...

attack through a vulnerability in

Cloudflare Cloudflare, Inc., is an American company that provides content delivery network services, cybersecurity, DDoS mitigation, wide area network services, reverse proxies, Domain Name Service, ICANN-accredited domain registration, and other se ...

's use of

Google Google LLC (, ) is an American multinational corporation and technology company focusing on online advertising, search engine technology, cloud computing, computer software, quantum computing, e-commerce, consumer electronics, and artificial ...

two-factor authentication Multi-factor authentication (MFA; two-factor authentication, or 2FA) is an electronic authentication method in which a user is granted access to a website or Application software, application only after successfully presenting two or more distin ...

system, redirecting visitors to UGNazi's

Twitter Twitter, officially known as X since 2023, is an American microblogging and social networking service. It is one of the world's largest social media platforms and one of the most-visited websites. Users can share short text messages, image ...

account. UGNazi attacked the non-profit organization

Wounded Warrior Project Wounded Warrior Project (WWP) is an American charity and veterans service organization that operates as a nonprofit 501(c)(3). WWP offers a variety of programs, services and events for wounded veterans who incurred a physical or mental injury, ...

and released the Project's database on June 6, 2012. In June of 2012, the leader of UGNazi stole the information of over 411,000 credit cards and compromised over 47 companies and government organizations estimating to be around $205 million. On June 8, 2012, UGNazi hacked the website of Wawa Inc and defaced their webpage. On June 21, 2012, UGNazi claimed they took popular social media website

down for two hours via a denial of service attack. Sam Biddle of

Gizmodo ''Gizmodo'' () is a design, technology, science, and science fiction website. It was originally launched as part of the Gawker Media network run by Nick Denton. ''Gizmodo'' also includes the sub-blogs ''io9'' and ''Earther'', which focus on pop ...

disputed the veracity of the claim. UGNazi hacked into the Twitter accounts of

Shirley Phelps-Roper Shirley Lynn Phelps-Roper ( Phelps; born October 31, 1957) is an American lawyer and political activist. She was the lead spokesperson of the Westboro Baptist Church of Topeka, Kansas, an organization that protests against homosexuality conduc ...

on December 17, 2012, and Fred Phelps Jr. on December 19, 2012, in opposition to the

Westboro Baptist Church The Westboro Baptist Church (WBC) is an American unaffiliated Primitive Baptists, Primitive Baptist church in Topeka, Kansas, that was founded in 1955 by pastor Fred Phelps. It is widely considered a hate group and a cult, and is known for Prot ...

's planned protest following the Sandy Hook Elementary School shootings. In January 2021,

Parler Parler (pronounced "parlor") is an American alt-tech social networking service associated with conservatives. Launched in August 2018, Parler marketed itself as a free speech-focused and unbiased alternative to mainstream social networks s ...

CEO

John Matze Parler (pronounced "parlor") is an American alt-tech social networking service associated with conservatives. Launched in August 2018, Parler marketed itself as a free speech-focused and unbiased alternative to mainstream social networks ...

alleged to

Fox News The Fox News Channel (FNC), commonly known as Fox News, is an American Multinational corporation, multinational Conservatism in the United States, conservative List of news television channels, news and political commentary Television stati ...

that UGNazi was actively working to facilitate targeted harassment of himself and his family following the temporary take-down of Parler, a far-right social network implicated in the

2021 storming of the United States Capitol On January 6, 2021, the United States Capitol in Washington, D.C., was attacked by a mob of supporters of President Donald Trump in an attempted self-coup,Multiple sources: * * * * * * * * * * * * * two months after his defea ...

Arrests and sentencing

Mir Islam ("Josh the God") and Eric Taylor ("Cosmo the God") of UGNazi were arrested on June 26, 2012 as a result of Operation Card Shop, a

Federal Bureau of Investigation The Federal Bureau of Investigation (FBI) is the domestic Intelligence agency, intelligence and Security agency, security service of the United States and Federal law enforcement in the United States, its principal federal law enforcement ag ...

investigation into

identity theft Identity theft, identity piracy or identity infringement occurs when someone uses another's personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. ...

and

credit card fraud Credit card fraud is an inclusive term for fraud committed using a payment card, such as a credit card or debit card. The purpose may be to obtain goods or services or to make payment to another account, which is controlled by a criminal. The P ...

. Islam was apprehended in

Manhattan Manhattan ( ) is the most densely populated and geographically smallest of the Boroughs of New York City, five boroughs of New York City. Coextensive with New York County, Manhattan is the County statistics of the United States#Smallest, larg ...

after he attempted to withdraw money using a stolen ATM card. On November 7, 2012, Taylor was sentenced in juvenile court in

Long Beach, California Long Beach is a coastal city in southeastern Los Angeles County, California, United States. It is the list of United States cities by population, 44th-most populous city in the United States, with a population of 451,307 as of 2022. A charter ci ...

. Taylor pleaded guilty to multiple felonies, including credit card fraud, identity theft,

bomb threat A bomb threat or bomb scare is a threat, usually verbal or written, to detonate an explosive or incendiary device to cause property damage, death, injuries, and/or incite fear, whether or not such a device actually exists. History Bomb threats ...

s, and online impersonation, in exchange for a probation. The terms of the plea placed him on probation until his 21st birthday, restricted his internet access, and required him to forfeit seized assets. On December 24, 2018, members Troy Woody ("Osama the God") and Islam were arrested in

murder Murder is the unlawful killing of another human without justification (jurisprudence), justification or valid excuse (legal), excuse committed with the necessary Intention (criminal law), intention as defined by the law in a specific jurisd ...

charges related to the death of Tomi Masters, Woody's girlfriend. Woody and Islam dumped a box containing Masters's body in the

Pasig River The Pasig River (; ) is a water body in the Philippines that connects Laguna de Bay to Manila Bay. Stretching for , it bisects the Philippine capital of Manila and Metro Manila, its surrounding urban area into northern and southern halves. Its m ...

. Both members of UGNazi confirmed that they handled the box, but individually denied killing Masters. Woody and Islam pleaded not guilty to the charges on February 11, 2019, and the trial was scheduled for March 13.

References

External links

* {{Hacking in the 2010s Carding (fraud) Hacker groups