A hacking group who call themselves d33ds hijacked a rival hacker’s online shop. The rival hacker sells unauthorised access to high-profile websites and data. Since its creation, the website has been used to advertise stolen information from a number of organisations such as the U.S. Army and the U.S. Department of Defense.
The owner of this online shop goes by the name of Srblche, and he also offers to compromise a particular server that a customer wants to target.
Rob Rachwald, director of security strategy at security firm Imperva, believes that Srblche resides in Kuwait, stating “We tracked his Facebook profile.”
Srblche doesn’t seem to be too popular in the hacking community as he has a history of stealing other people’s tools from underground forums in an attempt to profit from them. This is one reason why the group d33ds may have targeted him.
In d33ds’ announcement about Srblche’s online catalogue being hacked, they stated “Anyone willing to pay for this service must be as stupid as he is.” To add to the damage they had caused to Srblche’s profiteering, the group published information about the server, the hacker’s administrative access code in plain text and the password hashes of his customers.
It is still unknown how d33ds conducted the hack; however, Imperva’s researchers believe that it may have been done by breaking in through another application that is hosted on the same server. They believe that the group hacked Srblche’s online catalogue the same way as they hacked the website RankMyHack.com. Imperva commented “D33ds is the same group that hacked RankMyHack.com. This is how Rank My Hack was breached.”
Rachwald has stated that Imperva is unaware of any case where stolen information sold by Srblche has been used in an attack against an organisation. He also added that it is hard to determine whether this has happened, as the attackers generally don’t boast about it publicly.
When a hacker gets hacked, there is an increased risk that sensitive data that has been stolen from companies will be made public. If this happens, it could have a detrimental impact on the affected companies.
Rachwald suggests that organisations need to implement several procedures to reduce the likelihood of losing sensitive data. He suggests “They should regularly use Google to search for hints of vulnerabilities on their websites because this is a common practice used by hackers. They should also test their websites with a vulnerability scanner and install a web application firewall.”