Cyber Incident Victim: Killersites Library
Date:
Nov 2015
Location:
United States of America
Summary
Smitt3nz AKA Rubber hacks library.killersites.com and dumps the records of 1596 users.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On November 3, 2015, an incident involving the compromise of the website "http://library.killersites.com" was reported. The attack was attributed to an individual known as "Smitt3nz," also known as "Rubber." The attack vector employed in this incident was Exfiltration from the Application Server. The details of the incident are as follows:
Smitt3nz, operating under the alias Rubber, orchestrated the attack on the "http://library.killersites.com" website on November 3, 2015. The attacker utilized a technique known as Exfiltration from the Application Server to gain unauthorized access to the website's database and extract sensitive information.
As a result of this breach, a substantial amount of data was exposed, including user credentials and subscription information. This data was found to be posted on an online article, as indicated by the following URL: [Online Article](https://web.archive.org/web/20190118013103/http://siph0n.in/exploits.php?id=4173). The article contained details about the compromised database, including the names of individuals, their subscription types, email addresses, and hashed passwords.
The exposed information included the following data:
- User IDs
- Usernames
- Email addresses
- Subscription types (e.g., SUB1MONTH, SUB1YEAR, UNLIMITED)
- Hashed passwords
Several users' personal information was compromised in this attack. The individuals affected by this data breach were subscribers of the "http://library.killersites.com" website, and their information was disclosed without their consent.
It is essential to note that the breach exposed sensitive data related to subscribers, including their contact information and subscription details. The incident had significant implications for the affected individuals, as their personal and subscription information was made publicly available.
The incident underscored the importance of robust cybersecurity measures and the need for organizations to remain vigilant in safeguarding their users' data against malicious actors like Smitt3nz, aka Rubber.