The | ratchet (reprinted a finance)
The day before, a financial reporter found that in the dark network hackers to steal a car called financial platform nine backstage access financial network, can invade all servers.
The hacker said he has obtained the user data on the platform 300 thousand, and to a bitcoin (value 35 thousand yuan) price to sell.
And the data packet to a terrible degree of detail.
There are 65 dimensions of data: in addition to the ID card, bank card, address and telephone and other basic information, and even work, salary, model and guarantor mobile phone number.
Even more frightening is that if the background permissions are acquired, is equal to the entire background in streaking……
01 dark network sale
In the Internet world, the dark network (Dark Web) as the submerged iceberg.
Drug traffickers, hackers, killer, in the virtual world in the complete darkness, unbridled freedom through.
11 in the afternoon of 4 March 4, the hacker wolf (a pseudonym) published a post in the dark, that took all the permissions of automobile finance goiro network platform.
“Including the background, server, database.” The lone wolf wrote in the post, “as to what is the use of these permissions and data, understand the nature of people understand.”
300 thousand user data, and full access to the backend server, only the price of 1 coins.
If the boss bought, I can provide full technical support.” The lone wolf said.
In order to verify the authenticity of the data, he was drying out of business management background goiro network interface. While his login identity, is the “super administrator”.
The sun is famous goiro lone wolf network management background, covering “operation management” and “management” “data report” and “financial management” and a series of content.
The background data show that nine net financial platform cumulative turnover of 4 billion 400 million yuan, the turnover of 19 million 950 thousand yuan, the total amount of income to be 640 million for.
In addition, goiro network users mobile phone number, ID number, login number and other private information, is also clearly visible.
Goiro network is what the company?
This car is a Wuhan based financial platform, to provide users with car mortgage loans and financial services.
Interestingly, the company has listed company background. 1 months to 2016 years, goiro net has announced the acquisition of Hong Kong listed companies from Columba interactive A round of financing.
02 65 dimensions
According to the introduction of his lone wolf, the data covers many dimensions, the amount of data in 300 thousand to 400 thousand. This figure, even more than the net goiro publicly registered users number 240 thousand.
“I am here to data, not only goiro net car loan users, P2P users and their investment, as well as internal data channels.” Lone wolf explained.
The lone wolf has provided a total of 3 copies of data.
The first electronic form, is a personal car loan data users.
This exceptionally detailed personal data, not only covers the user Name, mobile phone number, ID number, bank card number, as well as the household registration address, residence address, work unit, job, salary etc..
The lone wolf provides data, as many as 65 dimensions
Shockingly, the vehicle information car users, including car, license plate number, color, displacement and other information, and even two loan guarantor Name, mobile phone number, have also been included in the electronic form.
These data, as many as 65 dimensions.
According to a number of hacker said the 65 dimensions of the data, very detailed, they do not often see.
Then the data is from goiro network?
The financial data in the above call a number of parties. They have confirmed that he had been in the goiro net registered accounts, and the data are all true.
Only one party Yang exception. Yang said that he was not in the goiro net for a car loan or investment, but in 2015 at the 4S store in installments, bought a Volkswagen car.
According to Yang recalled, the year when the Car Buying mortgage finance company is “nine letter”. While goiro network company name, which is “Wuhan nine letter Inclusive Financial Information Service Co. ltd.”.
Second copies of the data, is known as the “lone wolf goiro network internal channel data, shows the source of customers, stores the information content of every business.
A third data covers registered user name, registered mail, registered mobile phone number and other information. Among them, two were garbled eye-catching.
Third copies of the data provided by the lone wolf, garbled encrypted password
Many security professionals pointed out that this is the MD5 encryption password and transaction password. They try to use the decryption software verification, find it easy to crack the password.
But according to security officials to crack passwords, login goiro network, found that the account and password is correct, you can log in normally.
The user account has a balance of $2246.
Even more frightening is that the third data provided by hackers, also includes the investment amount of users. The data file of the investment balance, consistent with the APP display.
Leaked data also shows that, the user still has a balance of $2246
That is to say, the data including all dimensions of assets and capital end end, the entire platform business.
“For the 6 digit short payment password, the general way of preserving” salt encryption. “. Using MD5 two encryption short code, is not responsible for the user.” Safety Engineer Zhang Hongwen said.
The financial data leaked call goiro network service. Customer service said, this is not clear, will feedback to the technical department.
03 “you’re late”
While the leakage of data, is not the most terrible.
The hacker wolf said, he not only overcome the database, also got the full privileges, including the server.
A lone wolf attempts to contact the financial, he said four words: “you’re late.”
He said: “the goiro network permissions, the owner has bought.”
For a Internet Co, “permission” means everything.
Have the permissions, the hacker can do.
“If the server is compromised, it means that the platform has been completely naked.” Network Security Engineer Zhang Hongwen of the Finance said that “as long as willing hacker can even put their pictures hanging on the front page of the website.”
What permissions leakage will bring users?
“If only data leakage, the most serious consequence is to be used fraudsters.” Zhang Hongwen said, “but if it is right to be bought competitors tampering with data, platform users to delete the loan records, everything is possible.”
“I just sold permissions. As for the customer will not ask what to do.” The lone wolf said.
In the end who leaked data and permissions?
“This should be the data leakage, hacker attacks, should not be a ghost.” Zhang Hongwen concluded that.
The reason he is supporting this judgment, hackers use the remote desktop login database. If the ghost is leaking, don’t need a remote desktop.
“For such a platform, do not leak permissions. As long as the replacement of all super administrator account and password server, you can make a hacker stole ‘rights’ failure.” Zhang Hongwen explained, “the next step is to check the vulnerability, avoid a hacker intrusion.”
But the data has good leak repair, leakage, repair have been too late.
Recently, the big data industry is hard.
A number of data companies surveyed, more than 90% of the industry company shut down to wait and see.
The data leaked from where?
The use of big data is a complicated network, from the source, storage and retrieval of each link, all possible loopholes. A link leaks, will fall short.
Security has become all the vital financial technology company.
In financial security, asset security, security technology, is also a priority among priorities.
In the background of big data consolidation, data security has become the first step of enterprise survival.
(respondents should be required, the paper part of the characters as a pseudonym)