Search...

Hacker stole $100,000 from Users of California based ISP using SQL Injection

2013-10-21T23:27:00

ID THN:E11A8A8A4B90C6E4733D82D1E7609503
Type thn
Reporter Mohit Kumar
Modified 2013-10-22T10:55:34

Description

In 2013 we have seen a dramatic increase in the number of hack attacks attempted against banks, credit unions and utility companies using various techniques including DDoS attack, SQL injection, DNS Hijacking and Zero-Day Flaws.

SQL Injection is one of the most common security vulnerabilities on the web and is successful only when the web application is not sufficiently secured.

Recently a hacking Group named 'TeamBerserk' claimed on Twitter that, they have stolen $100,000 by leveraging user names and passwords taken from a California ISP Sebastian (Sebastiancorp.com)to access victims' bank accounts.

A video proof was uploaded on the Internet, shows that how hackers used a SQL injection attack against the California ISP Sebastian to access their customers' database includes e-mail addresses, user names and clear text passwords and then using the same data to steal money from those customers.

Let's see what SQL Injection is and how serious an attack like this actually can be.

SQL Injection is a type of web application vulnerability in which the attacker adds Structured Query Language (SQL) code to web inputs to gain access to an organization's resources. Using this technique, hackers can determine the structure and location of key databases and can download the database or compromise the database server.

Hackers took just 15 minutes to hack into the website using SQLmap (Automated SQL Injection Tool) -- stole customers' database and then immediately accesses the victim's Gmail account, linked PayPal accounts and Bank accounts also.

It's so hard to remember multiple passwords, some people just use the same one over and over. Is your Facebook password the same as your Twitter password? How about the password for your bank's website?

Now the hack explains that this us why it's extremely dangerous to use the same password on more than one Web site. In the POC video, hacker randomly chooses one Sebastian username and his relative password against Paypal, Gmail and even Citibank account logins and seriously that actually worked, because the victim is using the same passwords for all websites.

Now that you've control of the situation, don't let this happen again! If you have a bank account, a few credit cards, and several other important sensitive accounts, conduct a thorough security audit on them. Be sure that you know when you last logged in. Be sure to keep using different and Strong passwords for each website.

JSON Vulners Source

Initial Source

{"id": "THN:E11A8A8A4B90C6E4733D82D1E7609503", "type": "thn", "bulletinFamily": "info", "title": "Hacker stole $100,000 from Users of California based ISP using SQL Injection", "description": "[![](http://3.bp.blogspot.com/-aSnfr0i3RmA/UmY8yeTAA9I/AAAAAAAAYN4/49QAYGgLbwU/s728/California+ISP+Sebastian+hacked.jpg)](<http://3.bp.blogspot.com/-aSnfr0i3RmA/UmY8yeTAA9I/AAAAAAAAYN4/49QAYGgLbwU/s1600/California+ISP+Sebastian+hacked.jpg>)\n\nIn 2013 we have seen a dramatic increase in the number of hack attacks attempted against banks, credit unions and utility companies using various techniques including [DDoS attack](<http://thehackernews.com/search/label/ddos%20attack>), SQL injection, [DNS Hijacking](<http://thehackernews.com/search/label/DNS%20hijacking>) and [Zero-Day](<http://thehackernews.com/search/label/zero%20day>) Flaws.\n\n \n\n\n[SQL Injection](<http://thehackernews.com/search/label/sql%20injection>) is one of the most common security [vulnerabilities](<http://thehackernews.com/search/label/Vulnerability>) on the web and is successful only when the web application is not sufficiently secured.\n\nRecently a hacking Group named '_**TeamBerserk**_' claimed on [Twitter](<https://twitter.com/TeamBerserk/status/391098776015761409>) that, they have stolen $100,000 by leveraging user names and passwords taken from a **California ISP Sebastian **(Sebastiancorp.com)to access victims' bank accounts.\n\n \n\n\nA [video proof](<https://mega.co.nz/#!o9FUBCLB!I2OGvBg6PdJnYNHf18erx1F8lpEop5RQfO6HkdKEHwY>) was uploaded on the Internet, shows that how hackers used a SQL injection attack against the California ISP Sebastian to access their customers' database includes e-mail addresses, user names and clear text [passwords](<http://thehackernews.com/search/label/password%20cracking>) and then using the same data to steal money from those customers.\n\n \n\n\nLet's see what SQL Injection is and how serious an attack like this actually can be.\n\n \n\n\nSQL Injection is a type of [web application](<http://thehackernews.com/search/label/Web%20Application%20Security>) vulnerability in which the attacker adds Structured Query Language (SQL) code to web inputs to gain access to an organization's resources. Using this technique, hackers can determine the structure and location of key databases and can download the [database](<http://thehackernews.com/search/label/database%20hacked>) or compromise the database server.\n\n[![](http://4.bp.blogspot.com/-yT8cBJyL9Hg/UmY8WSM9-YI/AAAAAAAAYNg/nJAhvRPdUvg/s728/SQL+Injection+bank+hacked+4.jpg)](<http://4.bp.blogspot.com/-yT8cBJyL9Hg/UmY8WSM9-YI/AAAAAAAAYNg/nJAhvRPdUvg/s1600/SQL+Injection+bank+hacked+4.jpg>)\n\nHackers took just 15 minutes to hack into the website using SQLmap (Automated SQL Injection Tool) -- stole customers' database and then immediately accesses the victim's Gmail account, linked PayPal accounts and Bank accounts also.\n\n[![](http://2.bp.blogspot.com/-cG7PWzbqA-4/UmY8cQRMk5I/AAAAAAAAYNo/olfbRj5HN_c/s728/SQL+Injection+bank+hacked+3.jpg)](<http://2.bp.blogspot.com/-cG7PWzbqA-4/UmY8cQRMk5I/AAAAAAAAYNo/olfbRj5HN_c/s1600/SQL+Injection+bank+hacked+3.jpg>)\n\nIt's so hard to remember multiple passwords, some people just use the same one over and over. Is your Facebook password the same as your Twitter password? How about the password for your bank's website?\n\n \n\n\nNow the hack explains that this us why it's extremely dangerous to use the same password on more than one Web site. In the POC video, hacker randomly chooses one Sebastian username and his relative password against Paypal, Gmail and even Citibank account logins and seriously that actually worked, because the victim is using the same passwords for all websites.\n\n[![](http://4.bp.blogspot.com/-k4k_EFWENPw/UmY8iX_RwtI/AAAAAAAAYNw/TUCpCXqi-MI/s728/SQL+Injection+bank+hacked+2.jpg)](<http://4.bp.blogspot.com/-k4k_EFWENPw/UmY8iX_RwtI/AAAAAAAAYNw/TUCpCXqi-MI/s1600/SQL+Injection+bank+hacked+2.jpg>)\n\n[![](http://2.bp.blogspot.com/-PURmvNXLpUY/UmZSrFxxIxI/AAAAAAAAYOE/NWbshWzO3lA/s728/Hacker+stole+$100,000+from+Users+of+California+based+ISP+using+SQL+Injection.jpg)](<http://2.bp.blogspot.com/-PURmvNXLpUY/UmZSrFxxIxI/AAAAAAAAYOE/NWbshWzO3lA/s1600/Hacker+stole+$100,000+from+Users+of+California+based+ISP+using+SQL+Injection.jpg>)\n\nNow that you've control of the situation, don't let this happen again! If you have a bank account, a few credit cards, and several other important sensitive accounts, conduct a thorough security audit on them. Be sure that you know when you last logged in. Be sure to keep using different and Strong passwords for each website.\n", "published": "2013-10-21T23:27:00", "modified": "2013-10-22T10:55:34", "cvss": {"vector": "NONE", "score": 0.0}, "href": "http://thehackernews.com/2013/10/hacker-stole-100000-from-users-of.html", "reporter": "Mohit Kumar", "references": [], "cvelist": [], "lastseen": "2017-01-08T18:01:14", "viewCount": 16, "enchantments": {"score": {"value": 1.8, "vector": "NONE", "modified": "2017-01-08T18:01:14", "rev": 2}, "dependencies": {"references": [], "modified": "2017-01-08T18:01:14", "rev": 2}, "vulnersScore": 1.8}, "immutableFields": []}