Anonymous hijacks Attila Hildmann’s website – and discovers a leak at its provider

Anonymous versus Attila Hildmann: Website hacked, leak found at provider. (Photo: Jaz_Online / Shutterstock.com)

Ex-vegan chef and conspiracy storyteller Attila Hildmann and the hacking collective Anonymous have been linked by a hostility that has been smoldering for months. Hildmann and Anonymous clashed publicly for the first time in June 2020. At that time, the activists smuggled a person into a Hildmann chat group as an admin, which then kicked out 2,000 members. This was followed by a declaration of war by Hildmann and a counterstrike by Anonymous. Now the hackers have paralyzed the Hildmann site again, but encountered numerous security problems with its provider.

Anonymous hacks Hildmann website provider

According to a blog entry on Anonleaks, the hackers were looking for security holes in the provider – and got onto the server via a website with a vulnerable Joomla installation. However, they did not get through to Hildmann’s web space at first. Instead, it turned out that the hackers suddenly had “full access on all databases as ‘root’. So they could easily access the access control to the data center, webcams, the account management system or the ticket system, as it is called in the blog article.

Personal and unencrypted customer data are also accessible – not only master data, but also credit card data. According to Anonleaks, “the customer’s credit card data with name, card number, expiry date, provider and the CVC code in a single database table ”. The customer databases and the websites – except for those of Hildmann – have not touched Anonymous, as they say. However, access to the administration tool has been blocked and the customer login does not work.

Anonymous answers Hildmann’s request

The Hildmann site itself subjected the activists to a defacement, you can now see a video with a cover of “Oops! … I did it again ”. At the same time, Anonymous insisted on poking Attila Hildmann on. His complaint to customer support about the hijacked website was “I’m very sorry. Mouse. Kiss on the nut. LG Your Nightmare “answered The requirements of the GDPR as well as the credit card standard PCI-DSS are likely to have violated, the hacking of the activists is of course also a criminal offense. Unless proven otherwise, the presumption of innocence naturally applies in all cases.

You might also be interested in




The article from the source

Tags

Related Articles

Back to top button
Close