HackDig : Dig high-quality web security articles for hacker

Eastern India Regional Council hacked by Kapustkiy

2016-11-20 18:30

Kapustkiy, one of the most prolific hackers at this moment announced a new data breach, the victim is the India Regional Council.

Last week, I was contacted by a young hacker that breached Indian embassies across the worlds, he goes online with the moniker Kapustkiy.

Kapustkiy is a seventeen years old pentester that is targeting organizations and embassies across the world. Recently he breached the ‘Dipartimento della Funzione Pubblica’ Office of the Italian Government, the Paraguay Embassy of Taiwan (www.embapartwroc.com.tw), and a few days ago the hacker and his friend Kasimierz (@Kasimierz_) hacked the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and LibyaKapustkiy and his friend Kasimierz (@Kasimierz_).

He also targeted Universities, including two subdomains of Virginia University & Sub domain of University of Wisconsin (http://pastebin.com/i1wmM5D1 ) and another embassy, the Indian Embassy in New York (http://pastebin.com/Akm9x4dD )

The Indian authorities have issued a public statement to thank the young hacker for exposing the vulnerabilities in their websites.

“Thank you for your advice,” said Sanjay Kumar Verma, Joint Secretary, eGovernance and Information Technology. “We are fixing codes one by one. Your help in probing websites of various Indian embassies is a great help.”

This time the young hacker breached the database at the Eastern India Regional Council and leaked online a small portion of the archive composed of 17,000 users. Kapustkiy leaked an excel file containing more than 2000 user records as proof of the breach.

 India Regional Council breach

 

The records in the database of Eastern India Regional Council contain many attributes, including membership numbers, usernames, passwords, email addresses, registration numbers.

Kapustkiy used some web scanners to find several vulnerabilities in the target website and a simple SQL Injection tool to exploit the flaw he discovered. The hacker tried to contact the organization but they seem to ignore emails.

Once again Kapustkiy is inviting website administrators to pay attention to the security of their infrastructure.

Pierluigi Paganini

(Security Affairs – Kapustkiy,  India Regional Council)

The post Eastern India Regional Council hacked by Kapustkiy appeared first on Security Affairs.


Source: lmth.kcah-licnuoc-lanoiger-aidni/hcaerb-atad/71635/sserpdrow/oc.sriaffaytiruces

Read:8017 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Hacking data breach Ha

“Eastern India Regional Council hacked by Kapustkiy”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud