Wednesday, March 7, 2012

AntiSec Hacks Panda Security Sites for Praising LulzSec Arrests

AntiSecWhile law enforcement may have been toasting to the arrests of six Anonymous hackers belonging to the LulzSec team on Tuesday, another group of Anonymous affiliated hackers were on the prowl for their next target.

Who did they pick? None other than the Spain-based antivirus firm, Panda Security.

According to a message posted on Pastebin, Anonymous hackers affiliated with the AntiSec group defaced over two dozen Panda Security domains on Wednesday, replacing their content with a YouTube video that highlighted past LulzSec activity, along with what appeared to be a collection of login credentials and email addresses of over a hundred Panda employees.

Message left by AntiSec

It seems that Panda Security was targeted because of their (alleged) cooperation with law enforcement in identifying LulzSec members and for a (now inaccessible) blog entry  posted by PandaLabs technical director, Luis Corron, which praised the LulzSec arrests.

Panda Security took to Twitter and Facebook accounts to address the public, saying that the AntiSec group only hit “marketing and blog” sites that were hosted externally and did not breach their internal network. No source code or customer data was accessed.

As for the logins that were posted? Panda Security states they were old or invalid.

Here is the official statement taken from the Panda Security Facebook page:
On March 6th the hacking group LulzSec, part of Anonymous, obtained access to a Panda Security webserver hosted outside of the Panda Security internal network. This server was used only for marketing campaigns and to host some of the company’s blogs. Neither the main website www.pandasecurity.com  nor www.cloudantivirus.com  were affected in the attack. The attack did not breach Panda Security’s internal network and neither source code, update servers nor customer data was accessed. The only information accessed was related to marketing campaigns such as landing pages and some obsolete credentials, including supposed credentials for employees that have not been working at Panda for over five years.

We continue investigating the cause of the intrusion and will provide more details as soon as they become available. Meanwhile we assure all our customers and partners that none of their information has been compromised and that our products and services continue functioning as normal.

At the time of this writing, all of the sites that were hit by AntiSec still appear to be offline while Panda investigates what happened.

Let’s hope that they don’t discover that their internal network was infact breached and the hackers did plant a backdoor in their software, as they claim in their message left during the attack. Only time will tell.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

No comments:

Post a Comment