Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Attack on 20m accounts of Alibaba’s shopping site “Taobao”!

Taobao is a famous E-commerce site owned by Alibaba Group. Some hackers attacked on Taobao to gain the access of 20 million active accounts. According to a report, in this attack hackers used a database which was full of usernames and passwords. There were approximately 99 million usernames and passwords in that database.

These usernames and passwords belongs to the multiple popular websites. Hackers used these login credentials on the cloud computing service of Alibaba “Alicloud”. According to the famous news agency Reuters, hackers gained the access of many accounts because owners of these hacked accounts were using same username and password on many other popular websites.

CloudLock director, Yishai Beeri said that this happened due to the common ignorance of users as they did not managed their passwords in a well manner. It is a very common mistake done by the users but it is the most dangerous. A speaker of Alibaba group told that suspected criminals has been arrested.

System admins of Alibaba found a number of login attempts on the server continuously and they blocked these logins attempts immediately. On the other hand the compromised accounts were used by hackers to make fake orders. The credentials of many accounts were also sold by hackers on the dark web.

Also read: Online Accounts of United State's Luxury store “NEIMAN MARCUS” have been hacked!

The database of Taobao is safe because hackers already had the login credentials of compromised accounts. May be they had purchase it from the other hackers who had stolen these credentials from other popular websites.

In December 2014, there was a security flaw in the website of company. By using this flaw hackers were changing the order details of customers and they were also stealing the financial credentials of users. Later security researchers reported about this flaw and then they fixed it. The customers of Alibaba also faced many Phishing scams in December 2015. But this time database of company is safe.

Source: SCMAGAZINE

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.