CyberMorans,
Fast Company took its website offline after it was hacked to display stories and push out Apple News notifications containing š¤¬ obscene and racist comments. Yesterday, the hacker shared how they allegedly breached the site š¤
Fast Company is a monthly American business magazine published in print and online that focuses on technology, business, and designš
The site today shows a statement from the company confirming they were hacked on Sunday afternoon, followed by an additional hack on Tuesday evening that allowed hackers to push out racist notifications to mobile devices via Apple News.
"Company's content management system was hacked on Tuesday evening. As a result, two obscene and racist push notifications š¤¬ were sent to our followers in Apple News about a minute apart,"š„¶ reads a statement on Fast - Company's website. The messages are vile and are not in line with the content and ethos of Fast Company. We are investigating the situation and have shut down FastCompany.com until the situation has been resolved." šµ
The obscene Apple News notifications were quickly reported by users on Twitter š¤¬, leading Apple News to disable Fast Company's channel on the news service š¤¢
Earliest signs that Fast Company was breached occurred Sunday afternoon when the site's home page began filling up with stories titled "Hacked by Vinny Troia. ********** tongue my ********. Thrax was here.' š¤¢šæ
Members of the Breached hacking community, and the now shut down RaidForums, have a long-standing feud with security researcher Vinny Troia where they commonly deface websites and perform hacks, which they blame on the researcherš§
Fast Company took the site offline for some time to fix the defacement but was hacked again on Tuesday night. This time the hacker pushed out Fast Company notifications through Apple News that contained similar obscene and racist comments as the website defacement š²
Hackers tell how they breached Fast Company
Based on the mention of "Vinny Troia" in the defacements, it is not surprising to see a Breached hacking forum member named 'Thrax' sharing information about how they allegedly hacked Fast Company's website.š²
The hackerš claims they were able to breach Fast Company after they discovered a WordPress instance used by the company for their website.
This WordPress instance was allegedly secured using HTTP basic authentication that was bypassedš. The threat actor then say they gained access to the WordPress CMS using a very easy default password that was used on "dozens" of accounts š
From there, they say they were able to steal Auth0 tokens, Apple News API keys, and Amazon SES secretsš
Using these tokens, they claim to have created administrator accounts on the CMS systems, which were used to push out the notifications to Apple Newsš
Sourced: Bleepingcomputer
Conclusion
Subscribe to receive notifications of similar posts š where we will be reverse engineering malware and the technical aspect of vulnerabilities as well as how an attacker may use this vulnerability as an attack vector and other Infosec stuff...š
Morans,
Thank you for your time, Like and leave a comment/review and as always, stay awesome! šš šŖ
Comments