Anonymous hacks Panda Security

Discussion in 'other security issues & news' started by PaulBB, Mar 7, 2012.

Thread Status:
Not open for further replies.
  1. PaulBB

    PaulBB Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    708
    Anonymous hacks Panda Security in response to LulzSec arrests

    Full article:

    http://www.zdnet.com/blog/security/...security-in-response-to-lulzsec-arrests/10542
     
  2. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    I am trying my hardest, but I still can't take anyone in that group seriously. I do know if I was on the black hat side of the spectrum I would use that group’s name and actions a lot to mask my tracks.

    In this case I believe some individuals found some flaws to target Panda Security, and hacked them for that cause alone. The mantra of retaliation was something thrown in after the fact. See my main point above. :rolleyes:
     
  3. badkins79

    badkins79 Registered Member

    Joined:
    Dec 23, 2011
    Posts:
    60
    Location:
    Maryland
    Has anyone found out how they got in? The defacement writing sort of implies that they exploited a flaw in the panda antivirus product, but panda's response says only their marketing site's web server was breached. I would doubt they were running a desktop AV on a webserver.
     
  4. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    Yup that server seems to have only been the marketing server. No idea how they got in maybe the found an old ad and injected/exploited their way?
     
  5. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    This hasn't affected the AV right?

    "pandasecurity.com, better known for its s**tty ANTIVIRUS WE HAVE BACKDOORED"

    And I support Panda even more now for helping stop Anonymous. Anonymous targeted them partly because they expressed joy that the hackers were arrested, yet I thought they supported freedom of speech? :rolleyes:

    I don't know, don't get me started on these guys. For every 1 good hack they do, like targeting child-porn users, they do 9 stupid hacks like this.
     
  6. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    No as far as I am aware this has not affected the AV at all.
     
  7. pbust

    pbust AV Expert

    Joined:
    Apr 29, 2009
    Posts:
    1,173
    Location:
    Spain
    The server was hosted externally by a hosting company and was used for marketing purposes only (landing pages, blogs, etc.). This server had no connection to our internal network.

    The AV hasn't been backdoored, our network was not breached and neither update servers nor customer data accessed.
     
  8. Troels

    Troels Registered Member

    Joined:
    Mar 7, 2012
    Posts:
    2
    Location:
    Denmark
    Hello Pedro

    I hope for your Company it is the truth.
    Credentials and data posted on your defaced websites
    Indicates the group got hold of more than
    You describe in your Press release and in this thread.

    Coment. ?


    Br

    Troels
     
  9. pbust

    pbust AV Expert

    Joined:
    Apr 29, 2009
    Posts:
    1,173
    Location:
    Spain
    The only "non-truth" in this entire ordeal is the information posted on the defaced page, such as that we helped the FBI in the Sabu and other arrests, that our AV has been backdoor'd or that our internal network was compromised.
     
  10. Troels

    Troels Registered Member

    Joined:
    Mar 7, 2012
    Posts:
    2
    Location:
    Denmark
    Thank you for your reply.

    This being a security site, I need to comment on I was just amazed by how quickly Panda Security posted a press release, promising their clients and public that there is no harm/penetration done to your internal network perimeter, only few hours after the defaced pages went online ??

    As I understand it, there was also a statement that the posted user credentials was only for former employees. I can see quite a few are still working at panda Security ?


    BR.

    Troels
     
    Last edited: Mar 7, 2012
  11. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    ot post removed
     
  12. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    Hackers attack Panda Labs site after Anonymous arrests ~ BBC News Technology

    "Court papers unsealed on Tuesday revealed that Hector Xavier Monsegur - known as Sabu - had pleaded guilty to 12 criminal charges in August. The FBI said he faced a maximum sentence of more than 124 years in prison."

    Will he have to serve them all? It will be about 2136 before he gets out. Maybe he'll get to try Windows 83 when he's finally released?
     
  13. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    No, he won't get anywhere near that time, simply because he helped them take the others down. Computer crime (save for kid porn in most case), is one area in which LEA will make deals with you rather easily if they think you've got enough meat on the bone to give them.

    Unless this guy gets turned into a white-hat for the government or another high-profile organization, he'll never be allowed to even stare too long at another computer. But he's not going to get loads of jail time.
     
  14. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    Oh right OK. Otherwise he wouldn't have seen daylight until the 22nd century. I had to think about the acronym LEA a bit as it usually means 'Local Education Authority' to me. :D

    Maybe the government will employ him if he's that good.
     
  15. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    That could very well be all the guy ever wanted. He just didn't have a good CV to apply for a government job. :doubt: :D
     
  16. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    http://www.infosecisland.com/blogview/20619-Panda-Security-Suffers-the-Wrath-of-AntiSec.html

    This looks like contradicting some of the statements in here.
     
  17. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    You beat me, fax, with the link to that article at infosecisland :) I had just read it. In addition: noteworth is that it is written by dear, good old Kevin McAleavey.
     
  18. pbust

    pbust AV Expert

    Joined:
    Apr 29, 2009
    Posts:
    1,173
    Location:
    Spain
    This article is just a bunch of FUD. Where did he come up with his "facts" saying that the teamviewer accounts were for the PandaLabs servers? Also that they had credentials to our cloud-scanning infrastructureo_O We already said that they only gained accessed to an external server used for marketing landing pages and blogs which had absolutely no valuable information nor connection to our internal network. This guy is a clueless journalist making up stuff to throw more gas into the fire and get some more page hits.
     
  19. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Hi pbust,

    Kevin McAleavey may be wrong and you may be right, or viceversa, but he surely is not a journalist.
     
  20. pbust

    pbust AV Expert

    Joined:
    Apr 29, 2009
    Posts:
    1,173
    Location:
    Spain
    Yeah you got that right. At least some ethical journalists don't make stuff up.
     
  21. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    What exactly got I right? That Kevin may be wrong and you may be right, or the viceversa (Kevin being right and you are being wrong)?
     
  22. pbust

    pbust AV Expert

    Joined:
    Apr 29, 2009
    Posts:
    1,173
    Location:
    Spain
    That he's not a journalist.
     
  23. JimboW

    JimboW Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    209
    Panda statement on facebook.

    hxxps://www.facebook.com/PandaUSA/posts/10150581593176701
    pbust, I only use the URL filter. Can you explain why this isn't working properly. hxxp://www.cloudantivirus.com/testurlfilter
     
  24. pbust

    pbust AV Expert

    Joined:
    Apr 29, 2009
    Posts:
    1,173
    Location:
    Spain
    Because the block page from the URL filter was hosted on the server that was hacked and its still down.
     
  25. JimboW

    JimboW Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    209
    Yep, looks like it's just the block page. I just tested some links on MDL and they are being blocked so the URL filter is functioning correctly.:thumb:
     
Loading...
Thread Status:
Not open for further replies.