Unknown hackers made public in his editorial team SecNews, the 32.000 account leakage event from the web pages bourdela.com and adultforum.gr.
The above websites are websites "Of special content" (for adults), with a very large number of users. It is worth mentioning that the websites are within the 350 web pages with the highest traffic in the Greek territory. This does not seem to prevent, however, the attackers, who have managed to draw almost all data in the database.
The strangers contacted the editorial team of SecNews, taking measures to conceal their data and provided evidence that proves beyond any doubt that the websites bourdela.com and adultforum.gr were targeted online. The hackers seem to have stolen data and data of 32.000 users
The information available to the unknown and made available to SecNews clearly shows:
(a) the username and encrypted password of each user (including administrators)
b) the IP address user's access origin
c) registered email addresses.
Attackers have masked base data such as full IP address and e-mail so they can not be misused by other hackers and targeted innocent. The items available to them are taken according to what they say in their message before 3 days from web pages bourdela.com and adultforum.gr. Our appreciation is that the data was obtained through weakness on the website (possibly SQL Injection) which allowed hackers to take parts of the base.
The administrators of the two websites,They do not seem to have perceived the attack until now while it doesn't exist information for their members.
It is worth noting that a cursory analysis of the portion of the base that was made public identified accesses from known public services, organizations, companies but even from subsidiaries of Greek Banks!! The website bourdela.com was put up under the study of the Greek authorities 2008 with lightning-business and arresting managers. According to the website (we have not confirmed it), 2013 the former manager was released of all categories after multiple court postponements.
According to press reports reported by SecNews by the attackers and we carry with every reservation, Soon there will be additional leaks of registered users from other websites that have taken data. In addition, they also have discussion of members of the site as well as other personal information.
Because, according to the released data, we estimate that personal user data has been put at the disposal of third parties, we call:
- Organizations, companies, services and agencies to limit access to the website through proxy servers/content filters they have until it is checked by the responsible administrators and there is an official announcement about the data of the attack.
- Users who have an account on the disputed websites adultforum.gr and bourdela.com to change their passwords IMMEDIATELY. If the password is used in other services (eg e-mail, social networks) to change it IMMEDIATELY.
- Webmasters must promptly request an enforce password change and analyze the relevant logs for attack details to inform their members.
It has not been elucidated until now by the perpetrators if it is the whole of the base or part of it that they were able to intercept. The file that has been posted to the anonymous drop point is 6MB.
The full list of users who have been scattered is available in this link.
Check if your username is in the above list and proceed to your immediate change of password. SecNews proceeds to the above update (in spite of the specific content of the site that was targeted) λdue to the increased number of members and unsuspecting users whose data were exposed.
SecNews made the above update (in spite of the specific content of the site that was targeted) λdue to the increased number of members and unsuspecting users whose data were exposed.
SecNews thanks the unknown informants for valid and detailed information about the attack.
