Anti-DDoS Firm Target of DDoS Attack
Irony: the expression of one’s meaning by using language that normally signifies the opposite, or in this case, a company that falls victim to the very thing it exists to defend against. On March 10, 2016, global DDoS protection company Staminus was the recipient of a DDoS attack. This distributed denial-of-service attack rendered their network inoperable for over 20 hours.
Staminus released a statement confirming that the issue was the result of an unauthorized intrusion into their network. “As a result of this intrusion, our systems were temporarily taken offline and customer information was exposed. Upon discovering this attack, Staminus took immediate action including launching an investigation into the attack, notifying law enforcement and restoring our systems.” They confirmed that usernames, passwords, customer names and contact information, as well as payment card data, were exposed.
While Staminus techs were working to get the company site back up, the attacker was posting online download links for customer credentials, support tickets, credit card information and other sensitive data, according to security guru Brian Krebs. This stolen information was posted in a “hacker e-zine” format, entitled “F*ck ‘em all.” The webpage also included links to other reportedly stolen databases from Intreppid, a Staminus project targeted to customers looking for protection against DDoS attacks.
The attacker also left a note with the “e-zine,” titled “TIPS WHEN RUNNING A SECURITY COMPANY”.
The “tips,” written as accusations against Staminus, included:
- Use one root password for all the boxes
- Expose PDU’s [power distribution units in server racks] to WAN with telnet auth
- Never patch, upgrade or audit the stack
- Disregard PDO [PHP Data Objects] as inconvenient
- Hedge entire business on security theatre
- Store full credit card info in plaintext
- Write all code with reckless [sic] abandon
As of today, their website still appears to be down, with only the statement from the CEO and the company’s social media platforms working. Since Saturday, Staminus has been quiet while they are undoubtedly busy sorting this out, but their customers are not so happy about the silence. While most unfavorable Facebook comments have already been deleted, the company’s Twitter has been flooded with comments, with some users even claiming to see their credentials in the online data dump.