Unu Gets Kaspersky (again)

Discussion in 'other security issues & news' started by format_c, Dec 11, 2009.

Thread Status:
Not open for further replies.
  1. format_c

    format_c Registered Member

    Joined:
    May 6, 2008
    Posts:
    116
    Unu Gets Kaspersky (again)

    Unu, a Romanian hacker (he who may enjoy the challenge of breaking into other computers but does no harm) who we’ve talked about on the site before has been busy with his fifth demonstrated SQL Injection vulnerability on the web site of a well known company in the last 30 days. This time he has again targeted Kaspersky Labs, the anti-virus vendor that he previously demonstrated web site vulnerabilities for back on February 7th of this year. The sites affected this time around are the Kaspersky Lab sites in Malaysia http://www.kaspersky.com.my and Singapore http://www.kaspersky.com.sg. On both sites it is a news section, news.php, that is vulnerable, leading to the same MySQL database backend, and exposing customer and employee access credentials as well as what appear to be activation keys for Kaspersky Internet Security 2010.
     
  2. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,905
    Location:
    U.S.A.
    Removed several Off Topic posts. May I remind all Wilders members to peruse No offense?! Yes, really!! There is no need to offend each other.

    Please keep on topic and be civil. Thanks!

    JR
     
  3. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    is this the same hacker that made a load of claims of which 99% of them turned out to be untrue?:-ie where he got access to and info he was able to access
     
  4. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London
    Actually, he was able to access, but didn't pursue. He claims because he is hacking to raise awareness, and not for personal gain.
     
  5. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    that wasn't what Kaspersky claimed at the time:-they claimed only access to low level low security info had been gained,claims were made about credit card details of customers etc,which aren't actually handled by Kaspersky but 3rd party billing companies
     
    Last edited: Dec 12, 2009
  6. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London
    Nah not the billing and credit card info...but everything that had screenshots taken of it was real, but not copied or modified as the independent audit found.
     
Loading...
Thread Status:
Not open for further replies.