Cyber Incident Victim: AskMeBazaar

Description of the incident:
In September 2015, a cyber attack occurred on AskMeBazaar, an online marketplace based in India. The attack was carried out by ConnectingFriend;KheXan rOot, who used an exfiltration technique from application server to steal sensitive data belonging to the company and its users.

According to a report published on Pastebin, the attacker gained unauthorized access to AskMeBazaar's servers through a vulnerability in their application server software. Once inside, they were able to move laterally within the network, evading detection by security measures, and exfiltrate sensitive data such as user credentials, financial information, and other personal details.

The attack was discovered on September 3rd, 2015, when AskMeBazaar's security team noticed unusual activity on their servers. An investigation was launched immediately, and the company worked with law enforcement agencies to identify and apprehend the attacker. However, despite their efforts, the attacker managed to escape detection and remains at large.

The incident highlighted the importance of robust security measures in protecting sensitive data from cyber threats. AskMeBazaar has since taken steps to strengthen its security posture by implementing additional layers of protection against unauthorized access and exfiltration techniques, including enhancing firewalls, intrusion detection systems, and encryption protocols.

The incident also underscored the need for organizations to regularly review their security policies and procedures to ensure they are up-to-date and effective in addressing emerging threats. By staying vigilant and proactive in their approach to cybersecurity, companies can minimize the risk of falling victim to such attacks and protect their sensitive data from being compromised.