Exploit Hub, an exploit marketplace originally launched by NSS Labs in 2010, but spun off by the testing firm in March of this year, said on Tuesday that it was compromised by a quasi-rival group going by the name Inj3ct0r Team. As it turned out, the information stolen by the attackers wasn’t of any real value as it was already publicly available.
Exploit Hub is a marketplace for researchers to buy and sell publicly known exploits (no 0-days allowed), of which Exploit Hub takes a 30-percent cut. In a way, Exploit Hub has plenty of positive points, such as paying researchers for their work, but faces the same setbacks, including low pay scales. Yet, it is the total opposite of exploit houses like Vupen, by design.
According to a public notice on Facebook, Exploit Hub was breached on Tuesday by a group going by the name Inj3ct0r Team. Oddly enough, Inj3ct0r Team also sells exploits, most of them publicly known or scraped from other sources. It would seem that they planned to add Exploit Hub’s collection to their own, but they failed.
“Today (December 11th), the Inj3ct0r Team has hacked [Exploit Hub]… and stole private exploits worth $242,333,” an announcement from the group boasted.
“We hacked [Exploit Hub] because the people who publish private exploits on [there] need know that the ExploitHub Admins are lamers and can not provide them with adequate security.”
As it turns out, the cause for the breach was a lapse in security policy.
“After our initial investigation we have determined that the web application server itself was compromised and access to the database on that server was available to the attacker. The server was compromised through an accessible install script that was left on the system rather than being removed after installation, which was an embarrassing oversight on our part,” Exploit Hub explained.
“The exploit information provided in Inj3ct0r’s attack announcement text file and SQL dump consists of exploit names, prices, the dates they were submitted to the market, the Authors’ IDs, and the Authors’ usernames, all of which is publicly available information retrievable from the web application’s normal browse and search functions; this is not private information and it was already publicly accessible by simply searching the product catalog through the website.”
The incident is still being investigated, but so far, Exploit Hub admins are reasonably sure that nothing critical was stolen or compromised. As of 0600 on Wednesday, the Exploit Hub domain remains offline.
Correction: This article originally incorrectly stated that Exploit Hub was part of NSS Labs but has been corrected to reflect that it was spun off from NSS Labs in March of 2012 and has been independent since.
