DDoS protection firm Staminus has been breached and shamed by hackers, who released a mocking “Tips When Running a Security Company” list along with a dump of Staminus customer information, including data for sites belonging to the Ku Klux Klan.
A crew going by the name of FTA took responsibility. The motivation was to bring to light one of Staminus’ key customers: the KKK.
“Yes, that’s right, Staminus was hosting the KKK and its affiliates,” it said. “An organization legally recognized in some regions as a terrorist collective. Not that we hold anything against the KKK. Choosing such an awful host as Staminus however is unforgiveable [sic], and consequently they had to be punished.”
The website run by the Klan has been downed as part of what appears to be a significant breach—and it remains down as of this writing, although the Staminus site itself is back online.
The hackers said that Staminus had used the same root password to access all its servers and hadn’t kept patches up to date, making it an easy target. In their sarcastic “Tips” zine, they detailed the company’s security holes:
- Use one root password for all the boxes
- Expose PDUs [power distribution units in server racks] to WAN with telnet auth
- Never patch, upgrade or audit the stack
- Disregard PDO [PHP Data Objects] as inconvenient
- Hedge entire business on security theatre
- Store full credit card info in plaintext
- Write all code with wreckless [sic] abandon
The dumped data, meanwhile, includes customer contact details and password hashes, as verified by Forbes. It also contains information for the KKK and related sites, including a KKK radio site.
SOURCE: Tara Seals