A portion of client information from much-respected anti-virus firm BitDefender has leaked on-line and, as per the hacker who took the info and tried to extort the firm, usernames and passwords weren't encrypted.
The Hacker told that all the information he scarf was unencrypted. Usernames and passwords seen were in plain text and would have been tough to crack if antecedently encrypted, given the standard of the passwords. A Further investigation is going on.
The Romanian security company aforesaid in AN emailed statement it found a possible security issue with a server and determined one application was targeted – a part of its public cloud providing. The attack didn't penetrate the server, however “a vulnerability probably enabled exposure of a number of user accounts and passwords”. The attack leaked a “very limited” range of usernames and passwords, representing “less than one per cent of our SMB customers”, the representative says.
“The issue was instantly resolved and, further security measures were placed in so as to stop it from reoccurring. As an additional precaution, a password reset notice was sent to all or any potential affected customers,” the representative added . “This doesn't have an effect on our client or enterprise customers. Our investigation disclosed no alternative server or services were attacked.”
As of last Friday, DetoxRansome had demanded BitDefender pay $15,000 or see its client info leaked. Over the weekend, the hacker drop some information on-line, that looked as if it would contain quite 250 customers’ usernames and passwords. Some emails had .gov domain extensions, indicating government customers were affected. Seems the ransom wasn't paid, while BitDefender couldn't give any further details because of the continued investigating.
In AN email, DetoxRansome says that they had taken full-control of 2 BitDefender cloud servers and “got all logins”. “Yes they were unencrypted, I will prove it… they were using Amazon Elastic web cloud that is disreputable for SSL [a type of encryption] issues.” There was no proof Amazon web Services,was the cause. Amazon’s cloud arm features a policy that states it provides the infrastructure and customers are liable for their application security.
Whilst it doesn’t appear a large quantity of information was taken, as the hacker was able to grab unencrypted usernames and passwords from a security company.
Researchers and hackers have proved that even security companies are vulnerable repeatedly in recent months. This year saw Russian anti-virus firm Kaspersky was breached, tho' it believes government-sponsored hackers were liable as a part of a police investigation operation, not criminals once who runs after cash, although there were claims Israel and United States intelligence agents could have been part of it.
Documents leaked by Edward Snowden conjointly showed the United States intelligence agency had targeted an oversized range of anti-virus firms, together with BitDefender. Days after subsequent revelation, a Google developer elaborated loop-holes in ESET anti-virus.
Hacking Team, a supplier of spyware for Government organization, was conjointly hacked. It appeared the individual liable was AN activist hoping to reveal the Italian company and its history of merchandising to regimes with questionable records on human rights problems.
If it’s not clear already, even security companies are susceptible to compromise, regardless of the motivation of the attackers.