Cyber Incident Victim: Asia Digital Culture Technology Co., Ltd.

Date: Jan 2015

Location: China

Summary

Zyklon hacks en.asiadcp.com and dumps 3,361 usernames and clear text passwords.

| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |

| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |

Description

On January 1st, 2015, a significant cyber incident affected the website en.asiadcp.com. The attack, reported the same day, was carried out by an entity known as Zyklon, who used the Exfiltration from Application Server technique to compromise sensitive information.

The attackers successfully infiltrated the website and gained unauthorized access to a substantial amount of buyer information. The compromised data included critical details such as login names, passwords, email addresses, gender, mobile numbers, postal addresses, ZIP codes, cities, states, and countries. Some of the affected users and their corresponding details are as follows:

1. pcc
   - Login Name: pcc
   - Email: [email protected]
   - Country: KE
   - IP Address: 218.18.50.110
2. aaronfood
   - Login Name: aaronfood
   - Email: [email protected]
   - Country: SG
   - IP Address: 218.17.78.15
3. kenflex
   - Login Name: kenflex
   - Email: [email protected]
   - Country: KE
   - IP Address: 218.18.50.110

... and so on for the other compromised users, each with their respective login names, email addresses, countries, and IP addresses.

Zyklon, the entity behind the attack, demonstrated a sophisticated understanding of cybersecurity vulnerabilities by employing the Exfiltration from Application Server technique. This method extracts sensitive data directly from the application server, bypassing traditional security measures to reach valuable information.

The incident was widely reported and is documented in an online article archived at https://web.archive.org/web/20150308065755/https://pastebin.com/wp8xcir3. The article gives additional context and background on the attack, including the extent of the breach and the compromised data.

In summary, the January 1st, 2015 incident involving en.asiadcp.com was a significant breach orchestrated by Zyklon. The attackers used the Exfiltration from Application Server technique to access and extract sensitive buyer information, including login names, passwords, email addresses, and other personal details. The incident highlighted vulnerabilities in the website's security infrastructure, prompting concerns about data privacy and cybersecurity in the digital landscape.
