430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Kapustkiy hacked the website of the Costa Rica Embassy in China

The popular hacker Kapustkiy continues to target websites of embassies across the world, the last victim is the Costa Rica Embassy in China. The hacker Kapustkiy continues its string of hack, today he announced a news data breach, the victim is the Costa Rica Embassy in China. Kapustkiy accessed a database containing 280 login credentials, but just published online 50 of them […]

Kapustkiy hacked the website of the Costa Rica Embassy in China

The popular hacker Kapustkiy continues to target websites of embassies across the world, the last victim is the Costa Rica Embassy in China.

The hacker Kapustkiy continues its string of hack, today he announced a news data breach, the victim is the Costa Rica Embassy in China.

Kapustkiy accessed a database containing 280 login credentials, but just published online 50 of them as a proof of the attack. Just after the attack, the Costa Rica Embassy in China, costaricaembassycn.com,  was not reachable.

Costa Rica Embassy hacked

 

The website has 280 user entries, it was running on a WordPress platform and after a few tests, the hacker discovered that it was affected by several SQL Injection flaws.

“The first thing I did was to start the exploitation of a SQL vulnerability I have discovered.” said Kapustkiy. “Then I tried brute force and I got a huge list of users”
“I have published around 50 users, the rest is private”

The hacker, who discovered 4 databases in the hack, leaked data belonging to Costa Rica Embassy in China at the following URL:

http://pastebin.com/hEWsuaq2 

Leaked records include IDs, emails, and encrypted passwords. Kapustkiy confirmed me that he has reported the vulnerability to the CNCERT/CC and to the website administrator.

The young hacker is very active, a few days ago he announced the data breach of the Slovak Chamber of Commerce (www.scci.sk) that affected more than 4,000 user records.

Recently Kapustkiy targeted several organizations, including the Consular Department of the Embassy of the Russian Federation, the Argentinian Ministry of Industry, the National Assembly of Ecuador, the Venezuela Army, the High Commission of Ghana & Fiji in India, the India Regional Council as well as organizations and embassies across the world.

He also broke into the ‘Dipartimento dellaFunzione Pubblica’ Office of the Italian Government, the Paraguay Embassy of Taiwan (www.embapartwroc.com.tw), and the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya.

A curiosity, in the manifesto published on PasteBin the hacker wrote

“A SQL Weapon is the most dangerous weapon on the Internet”

and the facts seem to confirm it.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Kapustkiy, Costa Rica Embassy in China.)