Emerging Threats

Team GhostShell hacking group is back

Written by a NortonLifeLock employee


A group of hackers known as Team GhostShell, claims to have hacked a multitude of organizations, including financial institutions, government agencies, political groups, law enforcement entities, and universities. Using a Twitter account, these cybercriminals are dumping the data that was allegedly gathered from the data breaches, and posting links to the data dumps on Twitter. These data dumps include emails, user names, addresses, telephone numbers, Skype names, dates of birth, and other personally identifiable information. This is not the first time we have seen activity from this group, as back in 2012 they were in the spotlight for similar types of hacks. Symantec has been keeping an eye on this group since these events. It seems that the websites they are targeting now have no relation to each other, and this group is probably just targeting websites with security vulnerabilities.

A security suite that helps protect your devices.

Free security software just doesn’t have the resources to keep up with new threats as they emerge. That’s why you need a multi-layered defense to security. Meet Norton Security Premium — protection for up to 10 of your devices.

How does Team GhostShell’s activities affect my information?

Once cybercriminals get a hold of personal information, they can use it to try to access your accounts in many ways. Since this group is going after more information than just passwords, such as addresses, telephone numbers and dates of birth, criminals can use this data to try to guess your password via security questions. The fact that this group is posting the information to Twitter for all the world to see, means that other cybercriminals can get a hold of this sensitive data and use it for other crimes such as identity theft and more.

How do I stay safe?

  • If your passwords aren’t secure, change them. It was no surprise that the group found many instances of the classically weak “123456.”
  • Do not reuse passwords across multiple sites. If your banking password and Facebook password are the same, that just makes it all the easier for the cybercriminals to get into more of your accounts. Yes, it can be difficult to try to remember what password you use where, but password managers are going to be your new best friend.
  • Use two-factor authentication when available to add an extra layer of security to your account.
  • Being proactive can go a long way. Be sure that you are always monitoring current accounts, particularly bank accounts, for suspicious activity. If your bank allows for text and email alerts, sign up for them.

Our best protection. One low price

Norton Security Premium helps protect up to 10 of your Windows PCs, Macs, Android smartphones or your iPads.

Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2020 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.