“There is no delight in owning anything unshared.”

Cyberattacks November 2012 Part I – #opleak Targets Financial Institutions in Asia

#opleak is an operation by the hacker group xl3gi0n, which hacked, defaced and leaked database information from four financial institutions in Asia.


The hacker group's victims, targets and methods:

  • The Victims: The Asian Banker, Kumari Bank, Midwest Bank and Procredit
  • The Targets: Web servers running on Apache with PHP installed with MySQL
  • The Method: SQL Injection
  • The Tool: Havij – automated SQL injection tool

A good reference for defenses, from OWASP:

Primary Defenses:

  • Option #1: Use of Prepared Statements (Parameterized Queries)
  • Option #2: Use of Stored Procedures
  • Option #3: Escaping all User Supplied Input

Additional Defenses:

  • Also Enforce: Least Privilege
  • Also Perform: White List Input Validation
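
Option #1 and white list input validation from the lists above, shown side by side with the vulnerable pattern. This is an added example, not code from the original post or from OWASP. The table, rows and function names are constructed, and an in-memory SQLite database accessed through PDO stands in for MySQL so the script runs offline.

```php
<?php
// Added example. Schema and data are constructed for illustration.
// SQLite in memory replaces MySQL here; the PDO calls are the same with a mysql: DSN.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE accounts (id INTEGER PRIMARY KEY, owner TEXT, branch TEXT)');
$pdo->exec("INSERT INTO accounts (owner, branch)
            VALUES ('alice','north'),('bob','south'),('carol','north')");

// Vulnerable pattern: user input is concatenated into the SQL text,
// so a quote character in $owner changes the structure of the query.
function find_vulnerable(PDO $pdo, string $owner): array {
    $sql = "SELECT id, owner FROM accounts WHERE owner = '" . $owner . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Option #1: the SQL text is fixed and the input is bound as data only.
function find_prepared(PDO $pdo, string $owner): array {
    $stmt = $pdo->prepare('SELECT id, owner FROM accounts WHERE owner = :owner');
    $stmt->execute([':owner' => $owner]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// White list validation for a value that cannot be bound as a parameter
// (a column name used in ORDER BY): accept only known identifiers.
function list_sorted(PDO $pdo, string $sortBy): array {
    $allowed = ['id', 'owner', 'branch'];
    if (!in_array($sortBy, $allowed, true)) {
        throw new InvalidArgumentException('unsupported sort column');
    }
    $sql = "SELECT id, owner, branch FROM accounts ORDER BY $sortBy";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed test input: the textbook tautology used to demonstrate the flaw.
$input = "x' OR '1'='1";
printf("concatenated query: %d rows\n", count(find_vulnerable($pdo, $input)));
printf("prepared statement: %d rows\n", count(find_prepared($pdo, $input)));
printf("prepared, real owner: %d rows\n", count(find_prepared($pdo, 'alice')));

try {
    list_sorted($pdo, 'id; DROP TABLE accounts');
} catch (InvalidArgumentException $e) {
    echo "rejected sort column: ", $e->getMessage(), "\n";
}
```

The concatenated query returns every row for the tautology input, while the prepared statement treats the same string as a literal owner name and matches nothing.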

Advisories:

  • Ensure web portals sanitize user inputs so that the data received is what it should be. Limit the SQL queries issued by applications by using stored procedures.
  • Webmasters can configure their web server to block traffic from clients whose HTTP User-Agent header contains ‘Havij’, although the attacker can change this header.
  • Ensure the systems are running an up-to-date version of their software with all vendor-supplied patches applied, especially systems running Apache, PHP and MySQL.

More details: OWASP SQL Injection Cheat Sheet
