Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Kapustkiy hacked the Consular Department of the Embassy of the Russian Federation

Kapustkiy breached website for the Consular Department of the Embassy of the Russian Federation in the Netherlands and accessed passport numbers and PPI. The white hat hacker Kapustkiy breached the website for the Consular Department of the Embassy of the Russian Federation in the Netherlands (ambru.nl). The hacker broke into the database and accessed personal information of […]

APT28

Kapustkiy breached website for the Consular Department of the Embassy of the Russian Federation in the Netherlands and accessed passport numbers and PPI.

The white hat hacker Kapustkiy breached the website for the Consular Department of the Embassy of the Russian Federation in the Netherlands (ambru.nl). The hacker broke into the database and accessed personal information of approximately 30,000 users, as proof of the attack he leaked only 129 records in order to give the opportunity to administrators to fix the issue. Exposed records include emails, phone numbers, passport numbers, and IP addresses.

Embassy of the Russian Federation

“So this could happend? And we give zero fucks about this? You should be a shame ambru.nl When are you guys going to fucking listen to me. A lot people have emailed you guys. SO TELL ME WHY YOU IGNORE ME FFS?” states the hacker’s manifesto published on PasteBin.

When asked about the hacking vulnerability exploited and the attack technique used, Kapustkiy told me that he has exploited a blind SQL Injection.

He hacked the website to push website administrators to boost the security of their platform and patch vulnerabilities that would expose personal details of the users.

Why the Consular Department of the Embassy of the Russian Federation?

There is no political motivation, the hacker was searching for the embassy websites like the Indian ones he breached weeks ago.

IT staff at the Consular Department of the Embassy of the Russian Federation contacted Kapustkiy and told him that they are working to solve the problem.

Kapustkiy reported the data breach to the Russian authorities, but he didn’t receive a response.

Recently Kapustkiy has breached the Argentinian Ministry of Industry and the National Assembly of Ecuador and leaked the data via PasteBin. A few days ago the hacker breached the Venezuela Army and many other websites.

He also hacked the website at the High Commission of Ghana & Fiji in India and the India Regional Council as well as organizations and embassies across the world.

Recently he hacked the ‘Dipartimento dellaFunzione Pubblica’ Office of the Italian Government, the Paraguay Embassy of Taiwan (www.embapartwroc.com.tw), and the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Kapustkiy, Consular Department of the Embassy of the Russian Federation)