Hackers Leave Advice for Breached Security Company

Servers belonging to security firm Staminus were taken offline today, following a supposedly successful cyber-attack on the company's network. The Newport Beach, California-based hosting and distributed denial of service (DDoS) protection company went down at 8 am EST on Thursday, and communicated details of the event via Twitter, describing it as a “rare event [that] cascaded across multiple routers in a system-wide event.”

This ‘rare event’ was quickly revealed to be a far more deliberate malicious act against the company, with a data dump of Staminus’ servers being posted to the internet shortly afterwards. This leak contained the details of a large number of customer names and email addresses as well as their database table structures, routing tables and other crucial operational information. An unnamed Staminus customer verified the contents of the hack, confirming that his details were among those released in the dump. The posters of the dump declared that they had managed to gain access to all of Staminus’ routers and networked systems, resetting them to factory settings.

The dump begins with a note from the hackers responsible for the breach, titled “TIPS WHEN RUNNING A SECURITY COMPANY.” This preface detailed a number of security flaws found while breaching Staminus’ systems in a sarcastic style:

  • Use one root password for all the boxes
  • Expose PDU’s [power distribution units in server racks] to WAN with telnet auth
  • Never patch, upgrade or audit the stack
  • Disregard PDO [PHP Data Objects] as inconvenient
  • Hedge entire business on security theatre
  • Store full credit card info in plaintext
  • Write all code with wreckless [sic] abandon

While no credit card information was visible in the dumped data, storing it unencrypted goes against Payment Card Industry (PCI) security standards and is inappropriate for any company handling such details, especially one claiming to be in the security business.

Also laid bare was the colourful selection of customers that Staminus served, ranging from a number of small gaming server operators, including those for Minecraft, all the way to the Ku Klux Klan. It was found that the KKK’s official website was in fact hosted by Staminus, as were a number of affiliated sites such as the American Heritage Committee.

While Staminus claimed that service had been restored globally, many customers took to Twitter to say that this was not the case. Since then, the only communication from the firm has been the announcement of a statement from their CEO, which is linked to their (currently offline) site. When Staminus will regain full functionality of the network is anyone’s guess. It will be interesting to see how the company recovers from this major event.

Alexander Neil
