CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
January 22nd, 2011

Access To Hacked Government, Educational, Military Websites Sold On Underground Market

Security vendor Imperva warns that hackers are selling access to hacked websites and servers that belong to government, military and educational institutions. The company provides a screenshot of a list of compromised websites as advertised by the hacker, which contains information such as the level of access, the owner, traffic and price.

For example, one of the most expensive items is MySQL root access and high value information from www.scguard.army.mil, the website of the South Carolina National Guard. It costs $499. For the same price, one could acquire root access to the U.S. Army Communications-Electronic Command Web server (cecom.army.mil) or control of the admin panel for the General Staff of the Albanian Army (gs.mil.al) website. Root access to the Department of Defense Pharmacoeconomic Center Web server (www.pec.ha.osd.mil) is $100 cheaper.

Even though they are visited by several hundred thousand users, unauthorized access to compromised local government sites is not that expensive. Access to Utah.gov and Michigan.gov costs 99$ and 55$ respectively. Full control of the University of South Carolina Beaufort website can be bought for $88 and control over edu sites from other countries comes at similar prices.

But this hacker doesn’t only offer access to already compromised sites and Web servers. He can also be hired to hack them on request.

Gaining access to a “normal” website costs just $9.99, while the price for a high profile one varies depending on the target.

Even more worryingly, information extracted from the hacked sites is also put up for sale. Databases containing the names, emails, addresses, phone numbers and fax details cost just $20 per 1,000 records.

According to a discussion about the legitimacy of this seller on a known hacking forum, users seem to agree that he is not a scammer.

However, one fellow hacker holding a grudge has exposed all URLs to the SQL injection vulnerabilities he exploited to compromise those sites and servers. So now, not only is access to these sites available for purchase on Google-indexed page, but the method of getting it for free is also available for those with the know-how.

Some of the sites on the hacker’s list have been taken offline since Imperva’s report came out. This suggests that owners are working to fix the problems.

Credit: Softpedia.com News

Share this item with others:

More on CyberInsecure:
  • Hacker Published Confidential Records Belonging To Six Million Chileans On The Internet
  • Educational And Military Networks Under Botnet attacks
  • U.S. Military Contractor Booz Allen Hamilton Hacked, Emails And Sensitive Data Exposed
  • FBI Looks Into Counterfeit Cisco Equipment
  • Adobe Web Portal Exposed Educational Software Users Personal Data

    • Posted in Breaches And Incidents, Cybercrime, Data Theft, Hacked, Privacy, SQL Injections, Targeted Attacks | Print This Post Print This Post

    This entry was posted on Saturday, January 22nd, 2011 at 11:13 am and is filed under Breaches And Incidents, Cybercrime, Data Theft, Hacked, Privacy, SQL Injections, Targeted Attacks. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Access To Hacked Government, Educational, Military Websites Sold On Underground Market

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »