STOLEN from Warsaw Stock #GPW #HACKING Appeared on Pastebin large collection of data stolen from the Stock Exchange. The 30MB file placed by the burglars see personal data (probably employees and partners exchange) as well as the password and IP addresses of servers and network infrastructure maps WSE, which proves that the attacker gained unauthorized access to the internal network of the Stock Exchange. As if that were not enough, on the basis of data stolen from the Warsaw Stock Exchange, the burglars got a private e-mail box Stock Exchange and stole customer data from them (including intimate pictures). Stolen data have been published on Pastebin (in 3 different packages) by the user of a Slavic name, but they are written in English - and as if that was not enough, their tone is meant to indicate that the attack facing followers of Allah and the burglary was an act of revenge for bombing of the country. ---- Today we HACKED Warsaw Stock Exchange! It’s just a beginning of the FIGHT against those who’re bombing our Homeland! To be continued! Allahu Akbar! We’re presenting a part of rolled out information: brokers’ emails, usernames and passwords as well. (…) Today we have hacked the Warsaw Stock Exchange. There are hundreds of thousands of us. And the fighting has just begun. All the governments that joined the bombing of the Islamic State are our targets now. Europe, your peaceful life is over. You called for the war and it is coming. Your politicians are aggressive but your soldiers are cowards. Your aircraft fly in our skies but the Warriors of Allah are on your land. And we are invisible to you. But you feel us and you are afraid of us. Your money, your information and your lives are under our control. We are close to you. We are among you. Allah Akbar! --- In addition to the user data from different databases (websites?) Managed by the Warsaw Stock Exchange, in a shared dumpie include logins and passwords of administrators of servers / routers (one of the descriptions suggests that they come from, among others, the shadow file exchange server Newconnect) and the results nmap scans servers on the internal infrastructure of the Warsaw Stock Exchange, and exactly in 2 subnets, in which (as a result of a burglar provided by a map containing addressing) - the backup server is hosted UTP, which is the new trading system of the Warsaw Stock Exchange. There is also a list of servers thrown on the Warsaw Stock Exchange ... webshelli and notes burglar, from which it can be hypothesized that the attack started with SQL injection on a server utp.gpw.pl (and concerned webaplikacji Joomla), then placed on a server Webshell and started scanning the subnet and escalation attack. Size and type of data collected, the date of creation of files in the archive provided by the burglars, and the fact that some of the simpler passwords were broken suggested that the attack took place some time ago and it lasted for a few minutes, but rather for many days ... WSE confirms data theft, but narrows its scope to only one site. --- From: [email protected] Date: October 23, 2014 18:01 Subject: Important for users simulator Stock Exchange Trader Ladies and Gentlemen, Please be advised that for reasons beyond the control of the Stock Exchange in Warsaw SA may have occurred after the acquisition by entities unauthorized your archival data used to log in to the simulator exchange Stock Exchange Trader. We apologize for the situation, and if you were using the same passwords on other websites we recommend to change them. Exchange SA ---
Posted on: Mon, 27 Oct 2014 13:35:44 +0000
Trending Topics
Recently Viewed Topics
© 2015