Wednesday, 12 September 2012

Domino's India website attacked, 37k accounts revealed!

The website of domino's India website link(click here) was hacked by a Turkish group called TurkishAjan.The message posted by the group can be seen here.
Screenshot of domino's India website

The website is operational and a user can place an order.The hacker's got access to over 37,000 accounts on the website has revealed the account information in plain text.

The Indian cyber security has been once again into limelight by this incident.The information includes names, contact numbers, email addresses, residential addresses and passwords in plain text.The attack was carried out by using popular SQL injection method and remote file inclusion. SQL injection attacks take advantage of the lack of filtering of user-input text, allowing attackers to trick the website’s database into revealing information through SQL commands supplied from input areas. Remote file inclusion is a type of attack that allows hackers to upload malicious scripts to be executed at the web server; again, improper input field validation makes a site vulnerable.
The logo of TurkishAjan hacker group.

Earlier this year famous hacker group Anonymous attacked Indian websites.

No comments:

Post a Comment