Hi, 
Guest
Pic
Sign In

wasc-whid@lists.webappsec.org

WASC Web Hacking Incidents Database

View all threads

WHID 2011-89: China Implicated In Hacking Of SMB Online Bank Accounts

WW
WASC Web Hacking Incidents Database
Wed, Apr 27, 2011 1:04 PM

Entry Title: WHID 2011-89: China Implicated In Hacking Of SMB Online Bank
Accounts
WHID ID: 2011-89
Date Occurred: April 26, 2011
Attack Method: Banking Trojan
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: This time it wasn't an "advanced persistent threat"
that China was associated with: a fraud alert issued by the FBI today
implicates China in a cybercrime operation that bilked U.S.-based small- to
midsize businesses of $11 million over the past year.
Mass Attack: Yes
Number of Sites Affected: 20
Reference:
http://www.informationweek.com/news/security/vulnerabilities/229402300
Attack Source Geography: China
Additional Link:
http://www.ic3.gov/media/2011/ChinaWireTransferFraudAlert.pdf

Entry Title: WHID 2011-89: China Implicated In Hacking Of SMB Online Bank Accounts WHID ID: 2011-89 Date Occurred: April 26, 2011 Attack Method: Banking Trojan Application Weakness: Insufficient Authentication Outcome: Monetary Loss Attacked Entity Field: Finance Attacked Entity Geography: Incident Description: This time it wasn't an "advanced persistent threat" that China was associated with: a fraud alert issued by the FBI today implicates China in a cybercrime operation that bilked U.S.-based small- to midsize businesses of $11 million over the past year. Mass Attack: Yes Number of Sites Affected: 20 Reference: http://www.informationweek.com/news/security/vulnerabilities/229402300 Attack Source Geography: China Additional Link: http://www.ic3.gov/media/2011/ChinaWireTransferFraudAlert.pdf
WW
WASC Web Hacking Incidents Database
Wed, Apr 27, 2011 1:17 PM

Just wanted to send a quick note to the list to highlight some challenges we
face with regards to proper classification (Attack Method, Application
Weakness and Outcome) of incidents.  The DabbleDB we are using for tracking
WHID entries doesn't seem to be able to allow for multiple selections of
categories.  Well, technically it can, but the reporting on this data is
poor.  This is challenging due to the fact that many incidents have
components that fit into multiple areas.  For example, with regards to
Banking Trojans and the underlying Application Weakness, we have two
distinct attack scenarios -

  1. When a banking trojan steals a victim's login credentials and then the
    criminal uses that data to log into the application themselves to transfer
    funds.  In this scenario ­ I label the App Weakness as Insufficient
    Authentication as usually these sites are not using Two-Factor auth which
    allows a criminal to login with only username/password data stolen by the
    Banking Trojan.
  2. When a banking trojan passively waits for a victim to login and then
    submits a transfer request while piggy-backing on the existing transaction,
    however, then this seems that the App Weakness is more Insufficient Process
    Validation as the transfer request usually does not follow the proper
    process flow and should be identified by the banking app as suspicious.
    Anyways, I just wanted to point out this issue to you all.  I will continue
    to work on the DabbleDB schema to see if we can get multiple categories to
    be able to be assigned.

Cheers,
Ryan

From:  WASC Web Hacking Incidents Database wasc-whid@lists.webappsec.org
Reply-To:  wasc-whid@lists.webappsec.org
Date:  Wed, 27 Apr 2011 09:04:49 -0400
To:  wasc-whid@lists.webappsec.org
Subject:  [WASC-WHID] WHID 2011-89: China Implicated In Hacking Of SMB
Online Bank Accounts

Entry Title: WHID 2011-89: China Implicated In Hacking Of SMB Online Bank
Accounts
WHID ID: 2011-89
Date Occurred: April 26, 2011
Attack Method: Banking Trojan
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: This time it wasn't an "advanced persistent threat" that
China was associated with: a fraud alert issued by the FBI today implicates
China in a cybercrime operation that bilked U.S.-based small- to midsize
businesses of $11 million over the past year.
Mass Attack: Yes
Number of Sites Affected: 20
Reference:
http://www.informationweek.com/news/security/vulnerabilities/229402300
Attack Source Geography: China
Additional Link: http://www.ic3.gov/media/2011/ChinaWireTransferFraudAlert.pdf
_______________________________________________ The Web Hacking Incidents
Database Project http://projects.webappsec.org/Web-Hacking-Incident-Database
wasc-whid mailing list wasc-whid@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/wasc-whid_lists.webappsec.org

Just wanted to send a quick note to the list to highlight some challenges we face with regards to proper classification (Attack Method, Application Weakness and Outcome) of incidents. The DabbleDB we are using for tracking WHID entries doesn't seem to be able to allow for multiple selections of categories. Well, technically it can, but the reporting on this data is poor. This is challenging due to the fact that many incidents have components that fit into multiple areas. For example, with regards to Banking Trojans and the underlying Application Weakness, we have two distinct attack scenarios - 1. When a banking trojan steals a victim's login credentials and then the criminal uses that data to log into the application themselves to transfer funds. In this scenario ­ I label the App Weakness as Insufficient Authentication as usually these sites are not using Two-Factor auth which allows a criminal to login with only username/password data stolen by the Banking Trojan. 2. When a banking trojan passively waits for a victim to login and then submits a transfer request while piggy-backing on the existing transaction, however, then this seems that the App Weakness is more Insufficient Process Validation as the transfer request usually does not follow the proper process flow and should be identified by the banking app as suspicious. Anyways, I just wanted to point out this issue to you all. I will continue to work on the DabbleDB schema to see if we can get multiple categories to be able to be assigned. Cheers, Ryan From: WASC Web Hacking Incidents Database <wasc-whid@lists.webappsec.org> Reply-To: <wasc-whid@lists.webappsec.org> Date: Wed, 27 Apr 2011 09:04:49 -0400 To: <wasc-whid@lists.webappsec.org> Subject: [WASC-WHID] WHID 2011-89: China Implicated In Hacking Of SMB Online Bank Accounts > Entry Title: WHID 2011-89: China Implicated In Hacking Of SMB Online Bank > Accounts > WHID ID: 2011-89 > Date Occurred: April 26, 2011 > Attack Method: Banking Trojan > Application Weakness: Insufficient Authentication > Outcome: Monetary Loss > Attacked Entity Field: Finance > Attacked Entity Geography: > Incident Description: This time it wasn't an "advanced persistent threat" that > China was associated with: a fraud alert issued by the FBI today implicates > China in a cybercrime operation that bilked U.S.-based small- to midsize > businesses of $11 million over the past year. > Mass Attack: Yes > Number of Sites Affected: 20 > Reference: > http://www.informationweek.com/news/security/vulnerabilities/229402300 > Attack Source Geography: China > Additional Link: http://www.ic3.gov/media/2011/ChinaWireTransferFraudAlert.pdf > _______________________________________________ The Web Hacking Incidents > Database Project http://projects.webappsec.org/Web-Hacking-Incident-Database > wasc-whid mailing list wasc-whid@lists.webappsec.org > http://lists.webappsec.org/mailman/listinfo/wasc-whid_lists.webappsec.org
WW
WASC Web Hacking Incidents Database
Mon, May 2, 2011 7:28 PM

WHID 2011-90: DSLReports says member information stolen

Entry Title: WHID 2011-90: DSLReports says member information stolen
WHID ID: 2011-90
Date Occurred: April 28, 2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: News
Attacked Entity Geography: USA
Incident Description: Subscribers to ISP news and review site DSLReports.com
have been notified that their e-mail addresses and passwords may have been
exposed during an attack on the Web site earlier this week.
The site was targeted in an SQL injection attack yesterday and about 8
percent of the subscribers' e-mail addresses and passwords were stolen,
Justin Beech, founder of DSLReports.com, wrote in an e-mail to members. That
would be about 8,000 random accounts of the 9,000 active and 90,000 old or
inactive accounts created during the site's 10-year history, Beech said in
an e-mail to CNET today.
Mass Attack: No
Reference: http://news.cnet.com/8301-27080_3-20058471-245.html
Attack Source Geography:

WHID 2011-90: DSLReports says member information stolen Entry Title: WHID 2011-90: DSLReports says member information stolen WHID ID: 2011-90 Date Occurred: April 28, 2011 Attack Method: SQL Injection Application Weakness: Improper Input Handling Outcome: Leakage of Information Attacked Entity Field: News Attacked Entity Geography: USA Incident Description: Subscribers to ISP news and review site DSLReports.com have been notified that their e-mail addresses and passwords may have been exposed during an attack on the Web site earlier this week. The site was targeted in an SQL injection attack yesterday and about 8 percent of the subscribers' e-mail addresses and passwords were stolen, Justin Beech, founder of DSLReports.com, wrote in an e-mail to members. That would be about 8,000 random accounts of the 9,000 active and 90,000 old or inactive accounts created during the site's 10-year history, Beech said in an e-mail to CNET today. Mass Attack: No Reference: http://news.cnet.com/8301-27080_3-20058471-245.html Attack Source Geography:
WW
WASC Web Hacking Incidents Database
Mon, May 2, 2011 7:29 PM

WHID 2011-91: Rabobank network floored by cyber attack

Entry Title: WHID 2011-91: Rabobank network floored by cyber attack
WHID ID: 2011-91
Date Occurred: May 2, 2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Netherlands
Incident Description: Internet and mobile banking at the Rabobank has been
badly hit by an attack on its computer network, the company reported on
Monday.
The denial of service attack, in which the target computer is saturated with
external communications requests, has made the network unavailable to its
customers.
Mass Attack: No
Reference:
http://www.dutchnews.nl/news/archives/2011/05/rabobank_network_floored_by_cy
.php
Attack Source Geography:

WHID 2011-91: Rabobank network floored by cyber attack Entry Title: WHID 2011-91: Rabobank network floored by cyber attack WHID ID: 2011-91 Date Occurred: May 2, 2011 Attack Method: Denial of Service Application Weakness: Insufficient Anti-automation Outcome: Downtime Attacked Entity Field: Finance Attacked Entity Geography: Netherlands Incident Description: Internet and mobile banking at the Rabobank has been badly hit by an attack on its computer network, the company reported on Monday. The denial of service attack, in which the target computer is saturated with external communications requests, has made the network unavailable to its customers. Mass Attack: No Reference: http://www.dutchnews.nl/news/archives/2011/05/rabobank_network_floored_by_cy .php Attack Source Geography:
WW
WASC Web Hacking Incidents Database
Mon, May 2, 2011 7:37 PM

WHID 2011-92: Anonymous attacks Iranian state websites

Entry Title: WHID 2011-92: Anonymous attacks Iranian state websites
WHID ID: 2011-92
Date Occurred: May 2, 2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Iran
Incident Description: The infamous Anonymous hacking group has crippled a
string of Iranian state websites including those of the Office of the
Supreme Leader, state police and the Islamic Revolutionary Guards in attacks
launched yesterday.
Mass Attack: No
Reference:
http://www.securecomputing.net.au/News/256057,anonymous-attacks-iranian-stat
e-websites.aspx
Attack Source Geography:

WHID 2011-92: Anonymous attacks Iranian state websites Entry Title: WHID 2011-92: Anonymous attacks Iranian state websites WHID ID: 2011-92 Date Occurred: May 2, 2011 Attack Method: Denial of Service Application Weakness: Insufficient Anti-automation Outcome: Downtime Attacked Entity Field: Government Attacked Entity Geography: Iran Incident Description: The infamous Anonymous hacking group has crippled a string of Iranian state websites including those of the Office of the Supreme Leader, state police and the Islamic Revolutionary Guards in attacks launched yesterday. Mass Attack: No Reference: http://www.securecomputing.net.au/News/256057,anonymous-attacks-iranian-stat e-websites.aspx Attack Source Geography:
WW
WASC Web Hacking Incidents Database
Mon, May 2, 2011 7:41 PM

WHID 2011-93: Hacker posts screenshot of sex video on SPAD website

Entry Title: WHID 2011-93: Hacker posts screenshot of sex video on SPAD
website
WHID ID: 2011-93
Date Occurred: May 2, 2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Malaysia
Incident Description: The Land Public Transport Commission (SPAD) website
was hacked yesterday and a screenshot of the controversial sex video
allegedly involving a top politician was posted on its main page.
Mass Attack: No
Reference:
http://thestar.com.my/news/story.asp?file=/2011/5/2/nation/8591951&sec=natio
n
Attack Source Geography:

WHID 2011-93: Hacker posts screenshot of sex video on SPAD website Entry Title: WHID 2011-93: Hacker posts screenshot of sex video on SPAD website WHID ID: 2011-93 Date Occurred: May 2, 2011 Attack Method: Unknown Application Weakness: Improper Output Handling Outcome: Defacement Attacked Entity Field: Government Attacked Entity Geography: Malaysia Incident Description: The Land Public Transport Commission (SPAD) website was hacked yesterday and a screenshot of the controversial sex video allegedly involving a top politician was posted on its main page. Mass Attack: No Reference: http://thestar.com.my/news/story.asp?file=/2011/5/2/nation/8591951&sec=natio n Attack Source Geography:
WW
WASC Web Hacking Incidents Database
Mon, May 2, 2011 7:46 PM

WHID 2011-94: High school hackers expose security gap in Seattle Public
Schools

Entry Title: WHID 2011-94: High school hackers expose security gap in
Seattle Public Schools
WHID ID: 2011-94
Date Occurred: May 1, 2011
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Disinformation
Attacked Entity Field: Education
Attacked Entity Geography: Seattle, WA
Incident Description: District officials suspect a student, or several,
swiped teachers' passwords for online grade books, possibly using a
key-logger device or keystroke-recording software that captures every
keystroke, including IDs and passwords
Mass Attack: No
Reference:
http://seattletimes.nwsource.com/html/editorials/2014914193_edit02grades.htm
l
Attack Source Geography:

WHID 2011-94: High school hackers expose security gap in Seattle Public Schools Entry Title: WHID 2011-94: High school hackers expose security gap in Seattle Public Schools WHID ID: 2011-94 Date Occurred: May 1, 2011 Attack Method: Stolen Credentials Application Weakness: Insufficient Authentication Outcome: Disinformation Attacked Entity Field: Education Attacked Entity Geography: Seattle, WA Incident Description: District officials suspect a student, or several, swiped teachers' passwords for online grade books, possibly using a key-logger device or keystroke-recording software that captures every keystroke, including IDs and passwords Mass Attack: No Reference: http://seattletimes.nwsource.com/html/editorials/2014914193_edit02grades.htm l Attack Source Geography:
WW
WASC Web Hacking Incidents Database
Tue, May 3, 2011 12:41 PM

WHID 2011-95: Researchers Catch Targeted Attack On Popular Soccer Website

Entry Title: WHID 2011-95: Researchers Catch Targeted Attack On Popular
Soccer Website
WHID ID: 2011-95
Date Occurred: May 2, 2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Sports
Attacked Entity Geography: Luxembourg
Incident Description: A popular sports website late last week was spotted
serving up malware in what researchers say appears to be a targeted attack
and not part of a mass SQL injection campaign.
Mass Attack: No
Reference:
http://www.darkreading.com/advanced-threats/167901091/security/application-s
ecurity/229402594/researchers-catch-targeted-attack-on-popular-soccer-websit
e.html
Attack Source Geography:
Attacked System Technology: WordPress

WHID 2011-95: Researchers Catch Targeted Attack On Popular Soccer Website Entry Title: WHID 2011-95: Researchers Catch Targeted Attack On Popular Soccer Website WHID ID: 2011-95 Date Occurred: May 2, 2011 Attack Method: Unknown Application Weakness: Improper Output Handling Outcome: Planting of Malware Attacked Entity Field: Sports Attacked Entity Geography: Luxembourg Incident Description: A popular sports website late last week was spotted serving up malware in what researchers say appears to be a targeted attack and not part of a mass SQL injection campaign. Mass Attack: No Reference: http://www.darkreading.com/advanced-threats/167901091/security/application-s ecurity/229402594/researchers-catch-targeted-attack-on-popular-soccer-websit e.html Attack Source Geography: Attacked System Technology: WordPress
WW
WASC Web Hacking Incidents Database
Tue, May 3, 2011 12:42 PM

WHID 2011-96: Click-jacking on Facebook

Entry Title: WHID 2011-96: Click-jacking on Facebook
WHID ID: 2011-96
Date Occurred: May 2, 2011
Attack Method: Clickjacking
Application Weakness: Application Misconfiguration
Outcome: Link Spam
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: WebSense analyzes a recent click-jacking attack
against FaceBook users.
Mass Attack: No
Reference:
http://community.websense.com/blogs/securitylabs/archive/2011/05/02/a-weeken
d-of-click-jacking-on-facebook.aspx
Attack Source Geography:
Attacked System Technology: Facebook

WHID 2011-96: Click-jacking on Facebook Entry Title: WHID 2011-96: Click-jacking on Facebook WHID ID: 2011-96 Date Occurred: May 2, 2011 Attack Method: Clickjacking Application Weakness: Application Misconfiguration Outcome: Link Spam Attacked Entity Field: Web 2.0 Attacked Entity Geography: USA Incident Description: WebSense analyzes a recent click-jacking attack against FaceBook users. Mass Attack: No Reference: http://community.websense.com/blogs/securitylabs/archive/2011/05/02/a-weeken d-of-click-jacking-on-facebook.aspx Attack Source Geography: Attacked System Technology: Facebook
WW
WASC Web Hacking Incidents Database
Tue, May 3, 2011 12:46 PM

WHID 2011-97: Man who liveblogged Bin Laden raid was hacked

Entry Title: WHID 2011-97: Man who liveblogged Bin Laden raid was hacked
WHID ID: 2011-97
Date Occurred: May 2, 2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Blogs
Attacked Entity Geography: Pakistan
Incident Description: The Pakistani programmer who dubbed himself "the guy
who liveblogged the Osama raid without knowing about it" is also the guy who
got his website hacked without knowing about it.
Mass Attack: No
Reference:
http://www.computerworld.com/s/article/9216341/Man_who_liveblogged_Bin_Laden
_raid_was_hacked
Attack Source Geography:
Attacked System Technology: WordPress

WHID 2011-97: Man who liveblogged Bin Laden raid was hacked Entry Title: WHID 2011-97: Man who liveblogged Bin Laden raid was hacked WHID ID: 2011-97 Date Occurred: May 2, 2011 Attack Method: Unknown Application Weakness: Improper Output Handling Outcome: Planting of Malware Attacked Entity Field: Blogs Attacked Entity Geography: Pakistan Incident Description: The Pakistani programmer who dubbed himself "the guy who liveblogged the Osama raid without knowing about it" is also the guy who got his website hacked without knowing about it. Mass Attack: No Reference: http://www.computerworld.com/s/article/9216341/Man_who_liveblogged_Bin_Laden _raid_was_hacked Attack Source Geography: Attacked System Technology: WordPress
WW
WASC Web Hacking Incidents Database
Tue, May 3, 2011 12:52 PM

WHID 2011-98: Sony Darkens Another Network As Breach Investigation Widens

Entry Title: WHID 2011-98: Sony Darkens Another Network As Breach
Investigation Widens
WHID ID: 2011-98
Date Occurred: May 2, 2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Japan
Incident Description: Sony Corp. took further steps to contain a serious
data breach: temporarily shuttering the Website of Sony Online Entertainment
and station.com, another of the technology company's online gaming networks,
even as it signaled the slow return of its PlayStation Network to operation.
Mass Attack: No
Reference:
http://threatpost.com/en_us/blogs/sony-darkens-another-network-breach-invest
igation-widens-050211
Attack Source Geography:

WHID 2011-98: Sony Darkens Another Network As Breach Investigation Widens Entry Title: WHID 2011-98: Sony Darkens Another Network As Breach Investigation Widens WHID ID: 2011-98 Date Occurred: May 2, 2011 Attack Method: Unknown Application Weakness: Unknown Outcome: Leakage of Information Attacked Entity Field: Entertainment Attacked Entity Geography: Japan Incident Description: Sony Corp. took further steps to contain a serious data breach: temporarily shuttering the Website of Sony Online Entertainment and station.com, another of the technology company's online gaming networks, even as it signaled the slow return of its PlayStation Network to operation. Mass Attack: No Reference: http://threatpost.com/en_us/blogs/sony-darkens-another-network-breach-invest igation-widens-050211 Attack Source Geography:
WW
WASC Web Hacking Incidents Database
Wed, May 4, 2011 2:27 PM

WHID 2011-99: FTC settles data breach charges against Lookout Services

Entry Title: WHID 2011-99: FTC settles data breach charges against Lookout
Services
WHID ID: 2011-99
Date Occurred: October 1, 2009
Attack Method: Predictable Resource Location
Application Weakness: Insufficient Authorization
Outcome: Leakage of Information
Attacked Entity Field: Information Services
Attacked Entity Geography:
Incident Description: In October and December 2009, an employee of a Lookout
customer was able to gain access to the product's database by typing a URL
into a Web browser, the FTC said in its complaint. The intruder was able to
gain access to personal information, including Social Security numbers, of
about 37,000 consumers, the FTC said.
Mass Attack: No
Reference:
http://news.idg.no/cw/art.cfm?id=2761F224-1A64-67EA-E41CDB96A756125A
Attack Source Geography:
Additional Link:
http://ftc.gov/os/caselist/1023076/110503lookoutservicesanal.pdf

WHID 2011-99: FTC settles data breach charges against Lookout Services Entry Title: WHID 2011-99: FTC settles data breach charges against Lookout Services WHID ID: 2011-99 Date Occurred: October 1, 2009 Attack Method: Predictable Resource Location Application Weakness: Insufficient Authorization Outcome: Leakage of Information Attacked Entity Field: Information Services Attacked Entity Geography: Incident Description: In October and December 2009, an employee of a Lookout customer was able to gain access to the product's database by typing a URL into a Web browser, the FTC said in its complaint. The intruder was able to gain access to personal information, including Social Security numbers, of about 37,000 consumers, the FTC said. Mass Attack: No Reference: http://news.idg.no/cw/art.cfm?id=2761F224-1A64-67EA-E41CDB96A756125A Attack Source Geography: Additional Link: http://ftc.gov/os/caselist/1023076/110503lookoutservicesanal.pdf
WW
WASC Web Hacking Incidents Database
Thu, May 12, 2011 4:09 PM

WHID 2011-100: Banking Trojan gang busted by Finnish police

Entry Title: WHID 2011-100: Banking Trojan gang busted by Finnish police
WHID ID: 2011-100
Date Occurred: May 10, 2011
Attack Method: Banking Trojan
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Sweden
Incident Description: Updated Finnish police closed on investigation on
Tuesday after arresting 17 people suspected of involvement in a banking
Trojan scam used to siphon off hundreds of thousands of euros held in
accounts with Nordea Bank.
Mass Attack: No
Reference:
http://www.theregister.co.uk/2011/05/10/finnish_banking_trojan_investigation
/
Attack Source Geography:
Cost: $1.2 million Euros

WHID 2011-100: Banking Trojan gang busted by Finnish police Entry Title: WHID 2011-100: Banking Trojan gang busted by Finnish police WHID ID: 2011-100 Date Occurred: May 10, 2011 Attack Method: Banking Trojan Application Weakness: Insufficient Authentication Outcome: Monetary Loss Attacked Entity Field: Finance Attacked Entity Geography: Sweden Incident Description: Updated Finnish police closed on investigation on Tuesday after arresting 17 people suspected of involvement in a banking Trojan scam used to siphon off hundreds of thousands of euros held in accounts with Nordea Bank. Mass Attack: No Reference: http://www.theregister.co.uk/2011/05/10/finnish_banking_trojan_investigation / Attack Source Geography: Cost: $1.2 million Euros
WW
WASC Web Hacking Incidents Database
Mon, May 16, 2011 5:32 PM

Entry Title: WHID 2011-101: Fox.com hacked
WHID ID: 2011-101
Date Occurred: April 29, 2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: News
Attacked Entity Geography: USA
Incident Description: Hackers have broken into a Fox.com extranet site,
designed as a repository of research statistics, programming details and
ratings for clients and affiliates, and stolen the emails and passwords for
hundreds of Fox Broadcasting employees.
Mass Attack: No
Reference: http://www.politico.com/blogs/onmedia/0511/Foxcom_hacked.html
Attack Source Geography:

Entry Title: WHID 2011-101: Fox.com hacked WHID ID: 2011-101 Date Occurred: April 29, 2011 Attack Method: Unknown Application Weakness: Unknown Outcome: Leakage of Information Attacked Entity Field: News Attacked Entity Geography: USA Incident Description: Hackers have broken into a Fox.com extranet site, designed as a repository of research statistics, programming details and ratings for clients and affiliates, and stolen the emails and passwords for hundreds of Fox Broadcasting employees. Mass Attack: No Reference: http://www.politico.com/blogs/onmedia/0511/Foxcom_hacked.html Attack Source Geography:
WW
WASC Web Hacking Incidents Database
Mon, May 16, 2011 5:33 PM

Entry Title: WHID 2011-102: Group says its website calling for democracy
protests in China was hacked
WHID ID: 2011-102
Date Occurred: May 12, 2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Data Loss
Attacked Entity Field: Hosting Providers
Attacked Entity Geography:
Incident Description: BEIJING ‹ A group that has issued calls for
pro-democracy protests in China said its Google-hosted site was hacked
Thursday, amid a far-reaching government crackdown on activists.
Mass Attack: No
Reference:
http://www.washingtonpost.com/world/group-says-its-website-calling-for-democ
racy-protests-in-china-was-hacked/2011/05/12/AFBAEtxG_story.html
Attack Source Geography:
Attacked System Technology: Google

Entry Title: WHID 2011-102: Group says its website calling for democracy protests in China was hacked WHID ID: 2011-102 Date Occurred: May 12, 2011 Attack Method: Unknown Application Weakness: Unknown Outcome: Data Loss Attacked Entity Field: Hosting Providers Attacked Entity Geography: Incident Description: BEIJING ‹ A group that has issued calls for pro-democracy protests in China said its Google-hosted site was hacked Thursday, amid a far-reaching government crackdown on activists. Mass Attack: No Reference: http://www.washingtonpost.com/world/group-says-its-website-calling-for-democ racy-protests-in-china-was-hacked/2011/05/12/AFBAEtxG_story.html Attack Source Geography: Attacked System Technology: Google
WW
WASC Web Hacking Incidents Database
Mon, May 16, 2011 5:33 PM

Entry Title: WHID 2011-104: NASA website hacked
WHID ID: 2011-104
Date Occurred: May 11, 2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Link Spam
Attacked Entity Field: Government
Attacked Entity Geography: USA
Incident Description: WASHINGTON: Software scammers offering cheap Adobe
software have hacked into numerous web pages of NASA, just days before its
final launch of the shuttle Endeavor, and Stanford University.
Mass Attack: No
Reference:
http://articles.timesofindia.indiatimes.com/2011-05-11/internet/29531808_1_n
asa-website-shuttle
Attack Source Geography:

Entry Title: WHID 2011-104: NASA website hacked WHID ID: 2011-104 Date Occurred: May 11, 2011 Attack Method: Unknown Application Weakness: Improper Output Handling Outcome: Link Spam Attacked Entity Field: Government Attacked Entity Geography: USA Incident Description: WASHINGTON: Software scammers offering cheap Adobe software have hacked into numerous web pages of NASA, just days before its final launch of the shuttle Endeavor, and Stanford University. Mass Attack: No Reference: http://articles.timesofindia.indiatimes.com/2011-05-11/internet/29531808_1_n asa-website-shuttle Attack Source Geography:
WW
WASC Web Hacking Incidents Database
Mon, May 16, 2011 5:34 PM

Entry Title: WHID 2011-105: Hackers Take Over Twitter Accounts of
Fox-Affiliates
WHID ID: 2011-105
Date Occurred: May 10, 2011
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Account Takeover
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: A group of hackers has gained access to a database of
fox.com email accounts and last night took over the Twitter accounts of two
Fox-affiliates: WFQX in Michigan¹s Upper Peninsulas and KADN in Lafayette,
LA.
Calling itself Lulz Security, the group posted defamatory tweets under the
accounts of WFQX and KADN and, using its own Twitter account (@LulzSec), has
today been teasing future attacks. ³Lots of Facebook logins,² the group
tweeted this morning.
Mass Attack: No
Reference:
http://www.mediabistro.com/tvspy/hackers-take-over-twitter-accounts-of-fox-a
ffiliates_b9977
Attack Source Geography:
Attacked System Technology: Twitter

Entry Title: WHID 2011-105: Hackers Take Over Twitter Accounts of Fox-Affiliates WHID ID: 2011-105 Date Occurred: May 10, 2011 Attack Method: Stolen Credentials Application Weakness: Insufficient Authentication Outcome: Account Takeover Attacked Entity Field: Web 2.0 Attacked Entity Geography: USA Incident Description: A group of hackers has gained access to a database of fox.com email accounts and last night took over the Twitter accounts of two Fox-affiliates: WFQX in Michigan¹s Upper Peninsulas and KADN in Lafayette, LA. Calling itself Lulz Security, the group posted defamatory tweets under the accounts of WFQX and KADN and, using its own Twitter account (@LulzSec), has today been teasing future attacks. ³Lots of Facebook logins,² the group tweeted this morning. Mass Attack: No Reference: http://www.mediabistro.com/tvspy/hackers-take-over-twitter-accounts-of-fox-a ffiliates_b9977 Attack Source Geography: Attacked System Technology: Twitter
WW
WASC Web Hacking Incidents Database
Mon, May 16, 2011 5:34 PM

Entry Title: WHID 2011-106: Final Fantasy maker Square Enix hacked
WHID ID: 2011-106
Date Occurred: May 13, 2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography:
Incident Description: Hackers have broken into two websites belonging to
Japanese video games maker Square Enix.
The company confirmed that the e-mail addresses of up to 25,000 customers
who had registered for product updates may have been stolen as a result.
Mass Attack: No
Reference: http://www.bbc.co.uk/news/technology-13394968
Attack Source Geography:

Entry Title: WHID 2011-106: Final Fantasy maker Square Enix hacked WHID ID: 2011-106 Date Occurred: May 13, 2011 Attack Method: SQL Injection Application Weakness: Improper Input Handling Outcome: Leakage of Information Attacked Entity Field: Entertainment Attacked Entity Geography: Incident Description: Hackers have broken into two websites belonging to Japanese video games maker Square Enix. The company confirmed that the e-mail addresses of up to 25,000 customers who had registered for product updates may have been stolen as a result. Mass Attack: No Reference: http://www.bbc.co.uk/news/technology-13394968 Attack Source Geography:
WW
WASC Web Hacking Incidents Database
Tue, May 17, 2011 12:51 PM

WHID 2011-107: Geek.com Site Hacked Via Exploit Kit

Entry Title: WHID 2011-107: Geek.com Site Hacked Via Exploit Kit
WHID ID: 2011-107
Date Occurred: May 17, 2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Technology
Attacked Entity Geography: USA
Incident Description: Hackers inserted malicious code on the first article
on the Geek.com homepage, among others, the researchers say. "As this is
first article is highlighted --and 'Call of Duty' is a very popular game --
one can assume that many people have fallen victim to this attack," the blog
says. The article was published on May 13th. and the malicious Iframe is
injected at the bottom of the page, the researchers say.
Mass Attack: No
Reference:
http://www.darkreading.com/security/attacks-breaches/229500721/geek-com-site
-hacked-via-exploit-kit.html
Attack Source Geography:

WHID 2011-107: Geek.com Site Hacked Via Exploit Kit Entry Title: WHID 2011-107: Geek.com Site Hacked Via Exploit Kit WHID ID: 2011-107 Date Occurred: May 17, 2011 Attack Method: Unknown Application Weakness: Improper Output Handling Outcome: Planting of Malware Attacked Entity Field: Technology Attacked Entity Geography: USA Incident Description: Hackers inserted malicious code on the first article on the Geek.com homepage, among others, the researchers say. "As this is first article is highlighted --and 'Call of Duty' is a very popular game -- one can assume that many people have fallen victim to this attack," the blog says. The article was published on May 13th. and the malicious Iframe is injected at the bottom of the page, the researchers say. Mass Attack: No Reference: http://www.darkreading.com/security/attacks-breaches/229500721/geek-com-site -hacked-via-exploit-kit.html Attack Source Geography:
WW
WASC Web Hacking Incidents Database
Tue, May 17, 2011 12:54 PM

WHID 2011-108: Teenagers prosecuted for hacking and bringing down web
hosting company

Entry Title: WHID 2011-108: Teenagers prosecuted for hacking and bringing
down web hosting company
WHID ID: 2011-108
Date Occurred: April 2009
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Hosting Providers
Attacked Entity Geography:
Incident Description: According to the Met, using the alias 'Colonel Root',
Woodham hacked into web hosting company ŒPunkyhosting' in April 2009. It
detected the attack and made attempts to prevent it. In response, Woodham
repeatedly attacked the company over a number of weeks, causing it to cease
trading. He then sent a taunting email gloating about his actions.
Mass Attack: No
Reference:
http://www.scmagazineuk.com/teenagers-prosecuted-for-hacking-and-bringing-do
wn-web-hosting-company/article/202997/
Attack Source Geography:

WHID 2011-108: Teenagers prosecuted for hacking and bringing down web hosting company Entry Title: WHID 2011-108: Teenagers prosecuted for hacking and bringing down web hosting company WHID ID: 2011-108 Date Occurred: April 2009 Attack Method: Unknown Application Weakness: Unknown Outcome: Downtime Attacked Entity Field: Hosting Providers Attacked Entity Geography: Incident Description: According to the Met, using the alias 'Colonel Root', Woodham hacked into web hosting company ŒPunkyhosting' in April 2009. It detected the attack and made attempts to prevent it. In response, Woodham repeatedly attacked the company over a number of weeks, causing it to cease trading. He then sent a taunting email gloating about his actions. Mass Attack: No Reference: http://www.scmagazineuk.com/teenagers-prosecuted-for-hacking-and-bringing-do wn-web-hosting-company/article/202997/ Attack Source Geography:
Next page
Empathy v1.0   2026 ©emwd.com
Documentation