[WASC-WHID] WHID 2011-38: HBGary Federal Hacked by Anonymous

WASC Web Hacking Incidents Database wasc-whid at lists.webappsec.org
Fri Apr 15 13:10:34 EDT 2011

Entry Title: WHID 2011-38: HBGary Federal Hacked by Anonymous
WHID ID: 2011-38
Date Occurred: February 7, 2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: IT Services
Attacked Entity Geography: USA
Incident Description: In a phone interview late Sunday evening, Hoglund said
that unlike the more traditional Web-site attacking activities of Anonymous,
the hackers who infiltrated HBGary¹s system showed real skills, even social
engineering a network administrator into giving them complete control over
rootkit.com, a security research site Hoglund has long maintained.
³They broke into one of HBGary¹s servers that was used for tech support, and
they got emails through compromising an insecure Web server at HBGary
Federal,² Hoglund said. ³They used that to get the credentials for Aaron,
who happened to be an administrator on our email system, which is how they
got into everything else. So it¹s a case where the hackers break in on a
non-important system, which is very common in hacking situations, and
leveraged lateral movement to get onto systems of interest over time.²
Mass Attack: No
Attack Source Geography:

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/wasc-whid_lists.webappsec.org/attachments/20110415/240ea48a/attachment-0003.html>

More information about the wasc-whid mailing list