Earlier this week, on January 29th, 2019, a hacker going by the name of “Darkness Ghost” claimed credit for a hack and leak affecting MAPH EDITORA, a Brazil-based firm dealing in tax, finance and wage/labor consultation services. In a leak made available to the general public via Twitter, Darkness Ghost posted the email addresses and passwords used to log in to the online accounts of 138 customers, theoretically granting access to whatever information each customer had entered into the website about themselves. Considering that this is a labor and tax service, it is fairly safe to assume that this includes personal finance, banking and tax return information – along with much more.
Having a look through the leaked information, it is clear that the website was compromised via an SQL injection tied to a web page featuring one of their online products – more specifically, product ID #153 (http://www.maph.com.br/ler_capitulo.php?products_id=153). The methodology behind this hack is in many ways almost identical to a hack of Lenovo last month, which also had its site's PHP files compromised through a vulnerability attached to an outdated product ID page featuring a product which had long since been discontinued – but whose web page was never deleted or taken offline.
Raw Leak: https://ghostbin.com/paste/taffh
— DarknessGhost (@darknessghostG) January 29, 2019