|
The Web Hacking Incidents Database
Last update:17 February 2008
List of Incidents for a Classification
Please note that classifications are a new feature and not all entries in WHID are already classified, so when you get a certain number of entries for a classification, WHID might have more records matching that classification that we did not classify yet. We hope to complete the classification process soon.
Select classification:
Attack Method, Country, Location, Origin, Outcome, Software, Vertical Select criteria for classification "Country":
?, Australia, Belgium, Brazil, Canada, China, Ecuador, France, Germany, Global, Greece, India, Israel, Italy, Jamaica, Japan, Korea, Libya, Mexico, New Zealand, Peru, Spain, Sweden, Thailand, Turkey, UK, United Nations, USA
List of incidents for which Country is Global
4 incidents listed
Reported: 17 February 2008Occurred: 23 November 2007
Classifications:
- Attack Method: Cross Site Scripting (XSS)
- Country: Global
- Outcome: Defacement
- Vertical: Technology
The standard disclaimer that we do not cover each and every defacement is relevant to this entry as well. So why do we include the defacement incident this time? First and foremost, it is known to be an XSS abusing a WordPress zero day bug. Secondly, it is a targeted attack aiming to deface only Mac related web sites. Usually targeted defacement attacks are carried out against political targets. Did attacking apple become a political issue? Was Apple transformed into a nation overnight? Well certainly into a cult.
References:
Reported: 22 January 2008Occurred: 20 January 2008
Classifications:
- Attack Method: Cross Site Scripting (XSS)
- Attack Method: SQL Injection
- Attack Method: Denial of Service
- Attack Method: SQL Injection
- Country: Global
- Country: USA
- Outcome: Defacement
- Outcome: Downtime
- Outcome: Defacement
- Vertical: Entertainment
The web site of RIAA, the Recording Industry Association of America was attacked twice using SQL injection over the weekend. First a query that takes particularly long time was posted on a social network web site causing a distributed denial of service attack against the site. Later on hackers found and abused additional SQL injection and XSS vulnerabilities resulting in major defacement of the site.
References:
Reported: 07 November 2007Occurred: 02 November 2007
Classifications:
- Attack Method: Redirection
- Country: Global
- Outcome: Phishing
- Vertical: Internet
While most WHID entries are about web
site breaches, sometimes vulnerability in a web application is used indirectly. Redirection functions in web applications are commonly used by spammers and phishers. It allows them
to include a honest looking URL in their e-mail, this way bypassing
spam filters and observant users.
Symantec response team found actively
used alternative in the best known page on the internet: Google primary search page. By using the Google famous "I feel lucky" feature, the spammer can automatically lead the victim to
the first result of a search. All the spammer is left with is finding a
query for which his site would pop up first on Google.
This method has another advantage over a redirection page,
as the final target is specified by a search string and not by a URL,
bypassing smarter filters that know, or learn, that a URL as a parameter of a URL is most probably redirection.
References:
Reported: 29 October 2007Occurred: 28 October 2007
Classifications:
- Attack Method: Unknown
- Country: Global
- Outcome: Leakage of Information
- Vertical: Retail
A hacker gained access to names and encrypted credit card numbers of Arts.com. While the reason is not known, since the information is known to belong to online shoppers who made transactions from July to September we assume it was a web site breach.
References:
This work is licensed under the Creative Commons Attribution License. To view a copy of this license, visit http://creativecommons.org/licenses/by/2.5/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
|
