Rabitə və İnformasiya Texnologiyaları Nazirliyinin elektron xəbər xidməti

Hackers claim breach of China Telecom, Warner Bros. networks


SwaggSec says it lifted more than 900 login credentials from the Chinese ISP and that the company did little to defend itself after it discovered the breach.

An Internet hacking group claimed today to have broken into the networks of Warner Bros. and China Telecom, publishing documents and login credentials purportedly stolen in the breaches.
 
 SwaggSec, also known as Swagg Security, announced the hack on its Twitter feed and published a statement on Pastebin, along with links to the purloined files posted to Pirate Bay.

The group leaped to prominence in February when it took credit for a breach of Foxconn network security, resulting in the theft of usernames, passwords, and other private information. (Foxconn -- a Taiwanese hardware manufacturer -- has been the frequent target of criticism over its factory working conditions.)
In its message on Pastebin, SwaggSec said obtaining more than 900 admin usernames and passwords during a hack on China Telecom was "as simple as we assumed it would be."

"China Telecom's SQL server had an extremely low processing capacity, and with us being impatient, after about a month straight of downloading, we stopped," the Pastebin post said. "However, a few times we accidentally DDoS'd their SQL server. I guess they thought nothing of it, until we left them a little message signed by SwaggSec."

After identifying the breach, China Telecom moved is SQL server but neglected to make a public statement or change its passwords. "At any moment, we could have and still could destroy their communication infrastructure leaving millions without communication," it said.

Similarly, the group taunted Warner Bros. for its "ignorance" of its security vulnerabilities. "When we hacked their intranet, we were surprised to see their IT department's well documented 'confidential' data about the 'critical vulnerabilities' on their servers and sites," the group said. "However, their IT department's ignorance to fix any of the vulnerabilities they were aware about, granted us complete access to their servers."





04/06/12    Çap et