Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

GhostShell Hackers are Back with 38 Million Leaked Login Credentials!

Do you remember GhostShell Hackers? Let me remind you. It is a group of hackers and it came in news after four years. In year 2012, a number of websites were hacked by this group. All the hacked websites were the property of Law Enforcement Agencies, Financial Organizations, Political Parties and Government Agencies. This was the last when they were in news. But now GhostShell is back with a big data breach. GhostShell posted on his twitter account about this data breach. GhostShell hackers have access of more than 38 Million accounts. According to security researchers, 38 Million is not an accurate figure. The actual number of hacked accounts is much more than this.

 

What they have stolen?

The stolen data includes passwords, email addresses of users, skype names, D.O.B (Date of Birth) Details, Personal Contact Numbers, Social Security Number (SSN) and some other personal identification data. According to security researchers, some of the hacked passwords were hashed. Some of them were in plain text and some of them were in “hashed+salted” form.

 

Why GhostShell hackers did this?

Pierluigi Paganini (Chief Information Security Officer at Bit4Id) wrote in a blog post, When I contact the hackers of GhostShell they ask that security researchers should do work on the popular JavaScript Based Technologies Collection MEAN (MongoDB, Express.js, Angular JavaScript, Node.js) Stack. This is a very popular stack and that’s why it have a number of security issues. Before MEAN Stack, everyone was using LAMP Stack. LAMP Stack was insecure but MEAN Stack also have a number of vulnerabilities.”

 

Also read: Users are reporting, Remote Tool “Team Viewer” has Been Hacked!

 

In their posts, GhostShell told that we want to aware server admins that the authentication process used by them are very week. GhostShell also posted on Patebin. They wrote, the authentication process used by MEAN is very weak. A number of services are only single factor authenticated. It is very easy for hackers to bypass this authentication process. When GhostShell scanned the whole network, they found a number of open ports.

 

List of Open Ports Which they Found

  • 22
  • 53
  • 80
  • 81
  • 110
  • 137
  • 143
  • 443
  • 465
  • 993
  • 995
  • 3000
  • 8080
  • 27017
  • 3306
  • 6379
  • 8888
  • 28017
  • 64738
  • 25565

Hackers could easily got entry into those databases, which are using weak and poor network security techniques. GhostShell gave an example by doing this. Proper changes and maintenance of database is a must. It is a responsibility of Server Admins and security experts to manage the old data techniques and apply new security techniques at proper time.

Source: securityaffairs.co

 

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.