EC Council website that certifies ethical hackers has been hacked

The company that is most famous for its Certified Ethical Hacker(CEH) certification has been hacked by a hacker who claims to be a 'certified unethical software security professional' going by the alias Eugene Belford. EC Council is the world's leading provider of certifications and training in the information security domain led and co-founded by Indian born Jay Bavisi.

The hacker left the EC-Council website with the Passport of Edward Snowden. According to the New York Times, NSA whistleblower Edward Snowden took a course and received a certification from EC-Council as a "Certified Ethical Hacker," his application for the same is uploaded on the website as well. Interestingly, according to Delhi-based Koenig training institute, Snowden attended a six-day "security analyst and ethical hacker" course there which would prepare Snowden for another EC-Council course EC Council Certified Security Analyst (ECSA).

The hack was confirmed by many security researchers from all over the world in a matter of minutes including Kevin Mitnick, world's most wanted computer hacker turned security consultant who tweeted “EC Council hacked? Snowden's passport page was on their website”. Ian Fagan, a security researcher from New Jersey pointed out that the alias is from a popular movie called Hackers, “Eugene Belford aka ThePlauge from HACKERS the movie!” he tweeted

According to Virus Total, ”The IP address that is controlling the attack was used earlier this month in an attack on a Flash-based game called Realm of the Mad God.” The exact amount of damage caused by the attacker is yet unknown but when we look at the source code of the page we know the attacker uploaded the two pictures directly on to the EC-Council web server which means that the website is definitely compromised.

DNA attempted to contact EC-Council but there was no response.