UGNazi (Underground Nazi Hacktivist Group) is a

hacker group Hacker groups are informal communities that began to flourish in the early 1980s, with the advent of the home computer. Overview Prior to that time, the term ''hacker'' was simply a referral to any computer hobbyist. The hacker groups were out ...

. The group conducted a series of

cyberattack A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, or personal computer devices. An attacker is a person or process that attempts to access data, functions, or other restricte ...

s, including social engineering,

data breach A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Other terms are unintentional information disclosure, data leak, inf ...

, and

denial-of-service attack In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host conne ...

s, on the websites of various organizations in 2012. Two members of UGNazi were arrested in June 2012; one was incarcerated. In December 2018, two members of UGNazi were arrested in connection with a murder in

Manila Manila ( , ; fil, Maynila, ), officially the City of Manila ( fil, Lungsod ng Maynila, ), is the capital of the Philippines, and its second-most populous city. It is highly urbanized and, as of 2019, was the world's most densely populated ...

Attacks

In January 2012, UGNazi defaced the website of

Ultimate Fighting Championship The Ultimate Fighting Championship (UFC) is an American mixed martial arts (MMA) promotion company based in Las Vegas, Nevada. It is owned and operated by Zuffa, a wholly owned subsidiary of Endeavor Group Holdings. It is the largest MMA ...

in response to the UFC's support of the

Stop Online Piracy Act The Stop Online Piracy Act (SOPA) was a controversial proposed United States congressional bill to expand the ability of U.S. law enforcement to combat online copyright infringement and online trafficking in counterfeit goods. Introduced on O ...

. On April 24, 2012, UGNazi performed distributed denial-of-service attacks on the websites of the

Central Intelligence Agency The Central Intelligence Agency (CIA ), known informally as the Agency and historically as the Company, is a civilian foreign intelligence service of the federal government of the United States, officially tasked with gathering, processing, ...

and the

Department of Justice A justice ministry, ministry of justice, or department of justice is a ministry or other government agency in charge of the administration of justice. The ministry or department is often headed by a minister of justice (minister for justice in a ...

in protest of the

Cyber Intelligence Sharing and Protection Act The Cyber Intelligence Sharing and Protection Act (CISPA (112th Congress), (113th Congress), (114th Congress)) was a proposed law in the United States which would allow for the sharing of Internet traffic information between the U.S. gover ...

. In May 2012, after compromising a database belonging to the

Washington Military Department The Washington Military Department is a branch of the state government of Washington, United States. The Washington State Military Department has several major operational divisions: * Washington Emergency Management Division * Washington Ar ...

, UGNazi leaked sensitive DNS information used by the US state of

Washington Washington commonly refers to: * Washington (state), United States * Washington, D.C., the capital of the United States ** A metonym for the federal government of the United States ** Washington metropolitan area, the metropolitan area centered o ...

. They also leaked the account details of about 16 users, consisting of usernames and password hashes, including those of the website's administrator. UGNazi performed a social engineering attack on

web host A web hosting service is a type of Internet hosting service that hosts websites for clients, i.e. it offers the facilities required for them to create and maintain a site and makes it accessible on the World Wide Web. Companies providing web h ...

billing software developer WHMCS. A member of the group called WHMCS' hosting provider, impersonating a senior employee. They gained

root access In computing, the superuser is a special user account used for system administration. Depending on the operating system (OS), the actual name of this account might be root, administrator, admin or supervisor. In some cases, the actual name of th ...

to WHMCS's web server and leaked WHMCS's SQL database, website files, and

cPanel cPanel is a web hosting control panel software developed by cPanel, LLC. It provides a graphical interface (GUI) and automation tools designed to simplify the process of hosting a web site to the website owner or the "end user". It enables admin ...

configuration. The leaked database contained about 500,000 stored credit card numbers. On June 4, 2012, UGNazi targeted

4chan 4chan is an anonymous English-language imageboard website. Launched by Christopher "moot" Poole in October 2003, the site hosts boards dedicated to a wide variety of topics, from anime and manga to video games, cooking, weapons, television, ...

with a

DNS hijacking DNS hijacking, DNS poisoning, or DNS redirection is the practice of subverting the resolution of Domain Name System (DNS) queries. This can be achieved by malware that overrides a computer's TCP/IP configuration to point at a rogue DNS server unde ...

attack through a vulnerability in

Cloudflare Cloudflare, Inc. is an American content delivery network and DDoS mitigation company, founded in 2009. It primarily acts as a reverse proxy between a website's visitor and the Cloudflare customer's hosting provider. Its headquarters are in Sa ...

's use of

Google Google LLC () is an American Multinational corporation, multinational technology company focusing on Search Engine, search engine technology, online advertising, cloud computing, software, computer software, quantum computing, e-commerce, ar ...

two-factor authentication Multi-factor authentication (MFA; encompassing two-factor authentication, or 2FA, along with similar terms) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting ...

system, redirecting visitors to UGNazi's

Twitter Twitter is an online social media and social networking service owned and operated by American company Twitter, Inc., on which users post and interact with 280-character-long messages known as "tweets". Registered users can post, like, and ...

account. UGNazi attacked the non-profit organization

Wounded Warrior Project Wounded Warrior Project (WWP) is an American charity and veterans service organization that offers a variety of programs, services and events for wounded veterans of the military actions following September 11, 2001. It operates as a nonprofit ...

and released the Project's database on June 6, 2012. In June of 2012, the leader of UGNazi stole the information of over 411,000 credit cards and compromised over 47 companies and government organizations estimating to be around $205 million. On June 8, 2012, UGNazi hacked the website of

Wawa Inc Wawa may refer to: People *Wawa (Taiwanese singer) (born 1964), Taiwanese singer * Vava (rapper) (born 1995), Chinese rapper *Wawa, stage name of deaf American rapper and dancer Warren Snipe * Wawa (Malagasy musician) *Wawa of Mataram, king of M ...

and defaced their webpage. On June 21, 2012, UGNazi claimed they took popular social media website

down for two hours via a denial of service attack.

Sam Biddle Sam Faulkner Biddle (born 1986) is an American technology journalist. He is a reporter for ''The Intercept'', and was formerly a senior writer at Gawker, the editor of the news website Valleywag, and a reporter at Gizmodo. Education Biddle atte ...

Gizmodo ''Gizmodo'' ( ) is a design, technology, science and science fiction website. It was originally launched as part of the Gawker Media network run by Nick Denton, and runs on the Kinja platform. ''Gizmodo'' also includes the subsite '' io9'', ...

disputed the veracity of the claim. UGNazi hacked into the Twitter accounts of

Shirley Phelps-Roper Shirley Lynn Phelps-Roper (born October 31, 1957) is an American lawyer and political activist. She was the lead spokesperson of the Westboro Baptist Church of Topeka, Kansas, an organization that protests against homosexuality conducted under t ...

on December 17, 2012, and Fred Phelps Jr. on December 19, 2012, in opposition to the

Westboro Baptist Church The Westboro Baptist Church (WBC) is a small American, unaffiliated Primitive Baptist church in Topeka, Kansas, founded in 1955 by pastor Fred Phelps. Labeled a hate group, WBC is known for engaging in homophobic and anti-American pickets, ...

's planned protest following the Sandy Hook Elementary School shootings. In January 2021,

Parler Parler () is an American alt-tech social networking service associated with conservatives. Journalists have described Parler as an alt-tech alternative to Twitter, and users include those banned from mainstream social networks or who oppose t ...

CEO John Matze alleged to

Fox News The Fox News Channel, abbreviated FNC, commonly known as Fox News, and stylized in all caps, is an American multinational conservative cable news television channel based in New York City. It is owned by Fox News Media, which itself is o ...

that UGNazi was actively working to facilitate targeted harassment of himself and his family following the temporary take-down of Parler, a far-right social network implicated in the

2021 storming of the United States Capitol On January 6, 2021, following the defeat of then-United States President, U.S. President Donald Trump in the 2020 United States presidential election, 2020 presidential election, a mob of his supporters attacked the United States Capitol, U ...

Arrests and sentencing

Mir Islam ("Josh the God") and Eric Taylor ("Cosmo the God") of UGNazi were arrested on June 26, 2012 as a result of Operation Card Shop, a

Federal Bureau of Investigation The Federal Bureau of Investigation (FBI) is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. Operating under the jurisdiction of the United States Department of Justice ...

investigation into

identity theft Identity theft occurs when someone uses another person's personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. The term ''identity theft'' was c ...

and

credit card fraud Credit card fraud is an inclusive term for fraud committed using a payment card, such as a credit card or debit card. The purpose may be to obtain goods or services or to make payment to another account, which is controlled by a criminal. The ...

. Islam was apprehended in

Manhattan Manhattan (), known regionally as the City, is the most densely populated and geographically smallest of the five boroughs of New York City. The borough is also coextensive with New York County, one of the original counties of the U.S. state ...

after he attempted to withdraw money using a stolen ATM card. On November 7, 2012, Taylor was sentenced in juvenile court in

Long Beach, California Long Beach is a city in Los Angeles County, California. It is the 42nd-most populous city in the United States, with a population of 466,742 as of 2020. A charter city, Long Beach is the seventh-most populous city in California. Incorporate ...

. Taylor pleaded guilty to multiple felonies, including credit card fraud, identity theft,

bomb threat A bomb threat or bomb scare is a threat, usually verbal or written, to detonate an explosive or incendiary device to cause property damage, death, injuries, and/or incite fear, whether or not such a device actually exists. History Bomb threat ...

s, and online impersonation, in exchange for a probation. The terms of the plea placed him on probation until his 21st birthday, restricted his internet access, and required him to forfeit seized assets. On December 24, 2018, Troy Woody ("Osama the God") and Mir Islam ("Josh the God") of UGNazi were arrested in

murder Murder is the unlawful killing of another human without justification or valid excuse, especially the unlawful killing of another human with malice aforethought. ("The killing of another person without justification or excuse, especially the ...

charges related to the death of Tomi Masters, Woody's girlfriend. Woody and Islam dumped a box containing Masters's body in the Pasig River. Both members of UGNazi confirmed that they handled the box, but individually denied killing Masters. Woody and Islam pleaded not guilty to the charges on February 11, 2019, and the trial was scheduled for March 13.

References

External links

* {{Hacking in the 2010s Hacker groups Carding (fraud) Criminal organizations