Saturday, February 7, 2009

Kaspersky USA Site Hacked, Database Dumped

http://hackersblog.org/2009/02/07/usakasperskycom-hacked-full-database-acces-sql-injection/

Kaspersky is one of the leading companies in the security and antivirus market. It seems as though they are not able to secure their own data bases.

Seems incredible but unfortunately, its true.

Alter one of the parameters and you have access to EVERYTHING: users, activation codes, lists of bugs, admins, shop, etc.

First, lets see the version, user and name of the database.

User host & password for mysql.user

----------------------

Hat-tip to Billy Rios (XSSniper).

at
Labels:

1 comment:

  1. Pento4:46 AM

    Holy shit! If it's true it's fantastic!

    ReplyDelete

Subscribe to: Post Comments (Atom)