11:13 Hackers gained access to the database users the pirate bay | |
The Argentine attacker Ch Russo said that he with two partners discovered numerous vulnerabilities in thepiratebay.org, related to the possibility of introducing SQL-code. With these vulnerabilities, they have access to the database users of the site and thus were able to create, delete, edit and view all information about users, including the number and names of file-trackers or torrent uploaded by users. Screenshot administrative panel of The Pirate Bay, showing the newly registered users: Ch Russo claims that neither he nor his partners will not alter or delete information in the database, The Pirate Bay . But he acknowledges that they understand how this access and the information may be valuable for anti-piracy organizations that are supported, eg, RIAA (Recording Industry Association of America) and MPAA (Motion Picture Association of America). In a telephone interview with Ch Russo said Brian Krebs - Author of KrebsOnSecurity.com, it's likely these groups will be very interested in this information, but with the partners are not going to sell it. Instead, they would like to tell people that their information will be protected not very good. Ch Russo showed Krebs yuzerneymy and MD5 password hashes in the administrators and moderators. Also Ch Russo was able to send e-mail and password hash Krebs, learning from him only yuzerneym. On Monday, Krebs tried to contact administrators via thepiratebay.org / contact, but he never responded. He wrote them on the official IRC-channel, but after the publication yuzerneymov heshev and passwords simply banned. According to Ch Russo, administrators have removed the component site that facilitates access to database users, adding that he did not contact the administrators directly. | |
|
Total comments: 0 | |