Neo-Nazis are attempting to use 25,000 purportedly hacked email addresses and passwords to prey on employees of the World Health Organization (WHO), the USA National Institutes of Health, and the Bill & Melinda Gates Foundation.
The data were said to have been stolen by a group of unknown hackers and spread online in the last few days through far-right extremists, according to SITE Intelligence Group, the online terror monitoring organization.
SITE said it couldn't fully confirm the facts were genuine, but it was being "aggressively" circulated.
25,000 email addresses and passwords from the CDC, WHO, Gates Foundation were dumped online
Robert Potter, an Australian cybersecurity expert, told The Washington Post that he was able to verify that the WHO email addresses and passwords were real.
Based on a list of the records acquired by Motherboard, the situation appears to be an aggregation of formerly-hacked usernames and passwords that were compiled from previous data breaches of various companies.
However, Motherboard cannot confirm where the list came from and how it was compiled. Motherboard ran a chain of the email addresses through the internet site haveibeenpwned.com, which collects breaches.
The group observed that each of the addresses they examined has previously been part of known data breaches. Many of them were confirmed to be circulating in big aggregated lists of usernames and passwords tracked by the website.
If those are from previous records breaches, that means the credentials being traded might be from sites unrelated to their official occupations. These might be logins for websites that had been hacked--not for any WHO or Gates Foundation systems--and would not work unless until the users were reusing their passwords.
Far-right extremists sowing disinformation
Far-right extremists have recently been enamored with sowing disinformation about the COVID-19 pandemic, stoking protests and anti-government sentiment in hopes of making social chaos. Specialists have warned that people trying to create chaos have taken the opportunity of the coronavirus pandemic to test countries' governments worldwide.
Discussions on data dump were first seen on the online site 9chan on Monday night, April 20. The data then quickly spread to various social media platforms.
SITE Intelligence, a US-based terrorism watchdog, first spotted the information. The group followed it to a Telegram group with over 5,000 followers and links to neo-Nazi terrorist groups Atomwaffen Division and The Base. Both groups have been under an extreme, nationwide FBI crackdown in current months.
SITE Executive director Rita Katz said far-right extremists' distribution of allegedly hacked data is fitting with how they have targeted medical organizations and healthcare personnel amid the pandemic.
"Whether out of accelerationist or conspiratorial-minded motivations, white supremacists and Neo-Nazis have called to vandalize hospitals, intentionally infect medical workers, and beyond," she said.
Katz said that the hacked information could cause continued conspiracy theories proliferating about the pandemic, and the potential for violent actors to react on the fake and harmful theories.
"Far-right communities online have an enormous capacity to disseminate this hacked data, especially as their audience grow amid this pandemic," Katz said.