ByteToBreach leaked the full source code of Sweden’s E‑Government platform, claiming it was harvested from a heavily compromised CGI Sverige AB infrastructure. The actor also exposed staff databases, API signing systems, Jenkins SSH pivot credentials, RCE endpoints, and is selling citizen PII and electronic signing documents separately. #ByteToBreach #CGISverige
Keypoints
- ByteToBreach published the entire Sweden E‑Government platform source code allegedly taken from compromised CGI Sverige AB infrastructure.
- The leak listing includes staff databases, API document‑signing systems, Jenkins SSH pivot credentials, RCE test endpoints, and initial foothold/jailbreak artifacts.
- Attack techniques cited include a full Jenkins compromise, Docker escape from Jenkins user in the Docker group, SSH private‑key pivots, .hprof reconnaissance, and SQL copy‑to‑program pivots.
- The source code was released for free with multiple backup download links, while citizen PII and electronic signing documents are being sold separately.
- The actor referenced prior breaches (Viking Line, Slavia Pojistovna) and emphasized the compromise is attributable to CGI infrastructure, noting critical impact on Swedish government services.
DarkWebInformer.com Providing intel from some of the darkest places on the Dark Web & Clearnet. Breaches, Darknet Markets, Ransomware, Threat Alerts, & more!