Politically-targeted attack on Arktos Media

As of today:


Arktos' webshop is temporarily offline. The reason is that our server was hacked. The information currently available to us indicates that the hackers have obtained e-mail correspondence and, possibly (this has not been confirmed), customer information. We will provide our customers with further information by e-mail as soon as we have completed our investigation of the incident. Our webshop will be back online when we have identified how the hackers managed to gain entry into our systems and taken appropriate security measures to prevent similar incidents from occurring in the future.

We apologize for the inconvenience.

--The Arktos Team


As I recall, they used fairly standard software like osCommerce. This means an unpublished vulnerability led to an SQL injection attack. Who has that kind of resources? Organized groups and nations, usually, since when exploits make it into the wild they get patched. This is a tragedy and I am sorry for the Arktos team who has to suffer this mess.

Comments

Popular Posts