F-Secure latest security vendor hacked

Article

F-Secure latest security vendor hacked

Robert Westervelt, News Editor
The website of security vendor F-Secure Corp. is the latest victim in a series of SQL injection attacks targeting security firms.

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

SearchSecurity.com:
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

A Romanian hacker has detailed the latest SQL injection attack in a posting on the hackersblog.org forum. The anonymous hacker said he viewed some statistics regarding past virus activity after exploiting coding errors on the Helsinki, Finland-based antivirus vendor's website. The hacker said the website was vulnerable to both SQL injection and cross-site scripting attacks.

The hacker posted screenshots of the SQL Server information and database table names.

David Frazer, director of technology services for F-Secure's North American division confirmed the breach late Wednesday. Frazer said the database server breached was considered extremely low level and contained virus statistical information. Members of the F-Secure IT team have pulled the server down to investigate, he said.

"It was not even part of our critical infrastructure, nonetheless we're considerably embarrassed," he said. "As a security company it's still something that we should make sure is patched and up to date."

Frazer said the IT team is fairly certain that no other systems had been breached.

Kaspersky website hacked:
Kaspersky website hacked, customer activation codes exposed:Customer email addresses and up to 25,000 activation codes were exposed on a server for 10 days, the antivirus vendor said.

It is the second time in recent days that an antivirus vendor was the target of an attack. A Romanian hacker detailed a similar successful SQL injection attack against a Kaspersky Lab support website on Saturday, exposing a server containing thousands of customer email addresses and up to 25,000 activation codes.

The attack took place Feb. 7, but the information was exposed 10 days prior to the attack. The Russian-based antivirus company responded by hiring high-profile database security expert David Litchfield to conduct an independent audit of its systems.

The hacker also claimed to have exploited a vulnerability in a partner website associated with BitDefender.

Editor's Note: Story updated with F-Secure comments