Verticalscope, a Canadian company managing web discussion forums of more than 45 million users was recently targeted by hackers. The data breach has left 2.7 million accounts vulnerable. This is the second time the company was targeted by hackers.
The company confirmed earlier that there was a data breach in June 2016 too, which resulted in the leak of 45 million users accounts and the details were published on a blog Leakedsource.com.
The data breach has had its toll on six websites operated by the firm; these include Jeepforum.com, Toyotanation.com, and Watchuseek.com which is the company’s second most browsed website as reported by Brian Krebs who is a security expert.
Krebs was notified by the founder of Hold Security, Mr. Alex Holden that the hackers were trying to sell access to Verticalscope.com and other sites which are managed by the firm. Mr. Holder is also a security researcher at his company.
It was initially suspected by Holden that the hackers are trying to sell off data which was stolen in the first breach of 2016.
Krebs wrote it was before he made contact with one of the suspects who tried to sell him the data which included screenshots. This indicated that many other websites including Verticalscope.com were breached with a backdoor “Web shell.” Using a web shell, the site can be administered by anyone, which enables access to the full site content. The administrator having access to the site can upload and delete any content and can even dump all the information of the accounts, including login details, IP, and email addresses for every account.
Some details were hidden in the screenshots, allowing him to trace a minimum of two backdoors on Veritcalscope’s website and Toyotanation.com
It was reported by Krebs that even a basic search on one of the hacked website opened a link to numerous Pastebin posts, which are now removed. It is also speculated that the people behind this attack may try to use this for the advertisement of a newly launched web service “LuiDb.”
“LuiDb which functions similar to the Leakedsource, enables the service users to search for any account detail which was compromised in the breach. Every detail like login, password, full name and internet address can be searched. The initial search doesn’t need any subscription, but users have to pay in bitcoin valued in a range of $5 to $400 as the subscription charge towards any subsequent searches.
In a statement to Krebs, Verticalscope confirmed that the intrusion had given the ability to the hackers to access each and every website file. As a precautionary measure, the firm has deleted the file manager, expired all website passwords and updated the detection tool in order to prevent a further breach.
No detail was provided by the company regarding the time and the method used for carrying out the attack.