The Australian Federal Police has arrested two men over an alleged hacking campaign which targeted local corporate and government websites, one of whom the agency claims was involved in the 2012 attack on domain name registrar Melbourne IT.
A 40 year old West Australian man and an 18 year old resident of Penrith in New South Wales were charged last night after AFP officers raided residential addresses in Penrith and Scarborough in WA.
Officers seized "a number" of hard drives containing a large amount of information, which the agency expects to spend the next few monhts analysing.
The AFP alleged in separate court hearings today that the two men worked together online as members of the Anonymous collective to target "a large internet service provider" as well as web servers hosting Australian and Indonesian government websites.
The WA man was charged with aiding the unauthorised modification of Melbourne IT's network in Brisbane, as well as unauthorised modification of the Indonesian Government's web servers.
The Penrith man was charged with unauthorised modification to Canberra-based ISP Netspeed, as well as unauthorised access to and modification of restricted data belonging to the ACT Long Service Leave Board.
NetSpeed's web servers were compromised late last year in an attempt to access data from the ACT Long Service Leave Board's website. The attacker was unsuccessful as the hosting of the website had been recently transferred to another internet service provider, iTnews understands.
Both today appeared in separate court hearings in their respective states. The WA man was bailed to appear next on 27 June, and the Penrith man was bailed to appear on 13 June.
In 2012 a backup of AAPT's business website was accessed by hackers, with around 40GB of customer data compromised.
Hackers were able to retrieve the then-12 month old data files from a server hosted by Melbourne IT through an unpatched Adobe Cold Fusion vulnerability. Some customer names, addresses and phone numbers were later leaked to Pastebin, with a number of the records coming from Federal Government agencies.
The same hackers also defaced Queensland Government websites hosted by Melbourne IT, with contact and other database information similarly posted online.