Hackers Leave Advice for Breached Security Company



/ 3 years ago

data breach

Security firm Staminus servers have been taken offline today, following a supposedly successful cyber-attack on their network. The Newport Beach, California-based hosting and distributed denial of service (DDoS) protection company went down at 8 am EST on Thursday, with the company communicating details of the event via Twitter citing it as a “rare event [that] cascaded across multiple routers in a system-wide event.”

This ‘rare event’ was quickly revealed to be a far more deliberate malicious act against the company, with a data dump of Staminus’ servers being posted to the internet shortly afterwards. This leak contained the details of a large number of customer names and email addresses as well as their database table structures, routing tables and other crucial operational information. An unnamed Staminus customer verified the contents of the hack, confirming that his details were among those released in the dump. The posters of the dump declared that they had managed to gain access to all of Staminus’ routers and networked systems, resetting them to factory settings.

The dump begins with a note from the hackers responsible for the breach, titled “TIPS WHEN RUNNING A SECURITY COMPANY.” This preface detailed a number of security flaws found while breaching Staminus’ systems in a sarcastic style:

  • Use one root password for all the boxes
  • Expose PDU’s [power distribution units in server racks] to WAN with telnet auth
  • Never patch, upgrade or audit the stack
  • Disregard PDO [PHP Data Objects] as inconvenient
  • Hedge entire business on security theatre
  • Store full credit card info in plaintext
  • Write all code with wreckless [sic] abandon

While no credit card information was visible in the dumped data, doing so unencrypted goes against Payment Card Industry (PCI) security standards and inappropriate for any company handling such details, especially one claiming to be in the security business.

Also laid bare was the colourful selection of customers that Staminus served. From a number of small gaming server operators, including those for Minecraft all the way to the Ku Klux Klan, it was found that the KKK’s official website was in fact hosted by Staminus, as well as a number of affiliated sites such as the American Heritage Committee.

While Staminus claimed that service had been restored globally, many customers took to Twitter claiming that it was not the case. Since then, the only communication from the firm has been the announcement of a statement from their CEO, which is linked to their (currently offline) site. When Staminus will regain full functionality of the network is anyone’s guess, however, it will be interesting to see how the company will recover from this major event.

Topics: , , , , ,

Support eTeknix.com

By supporting eTeknix, you help us grow. And continue to bring you the latest news, reviews, and competitions. Follow us on Facebook and Twitter to keep up with the latest technology. Share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you'll find our latest video reviews, event coverage and features in 4K!
eTeknix FacebookeTeknix TwittereTeknix Instagram

Check out our Latest Video

Comments

One Response to “Hackers Leave Advice for Breached Security Company”
  1. Goldminer says:

    Staminus, Who.

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

  • Be Social with eTeknix

  • itvpros.com
  • Poll

    AMD or Intel?

    View Results