It’s really disappointing that an anti-virus company dedicated to computer security failed to implement the security measures necessary to protect its customers’ data. It clearly shows that even security providers are vulnerable to compromise.

BitDefender Hacked

BitDefender is one of the most popular antivirus firms and is often called “The Best Antivirus”. It has recently been hacked, and part of its customer data has been leaked. It appears that the hacker, who uses the online alias DetoxRansome, was able to break into a Bitdefender server that hosted the cloud-based management dashboards for its small and medium-sized business clients, and pilfer usernames and passwords belonging to them.

Passwords Are Unencrypted!

According to the hacker who took the data and tried to extort the firm, usernames and passwords were not encrypted. According to the company’s spokesperson, the attack did not penetrate the server, but “a vulnerability potentially enabled exposure of a few user accounts and passwords”. The attack leaked a “very limited” number of usernames and passwords, representing “less than one per cent of our SMB customers”, the spokesperson said.

SSL Vulnerability in Amazon Elastic Web Cloud

According to the attacker, they had taken control of two BitDefender cloud servers and “got all logins”. The attacker said the logins were unencrypted and that the servers used Amazon Elastic Web cloud, which is notorious for SSL bugs. However, there was no evidence for the claim that Amazon Web Services was at fault: Amazon’s cloud arm has a policy stating that it provides the infrastructure and customers are responsible for their application security.

Hacker Demands Ransom

The hacker is threatening to release the leaked data publicly unless BitDefender pays a ransom of $15,000. Over the weekend, the hacker dumped some data online, which appeared to contain more than 250 customers’ usernames and passwords. Some emails had .gov domain extensions, indicating government customers were affected.

Targeted Attacks On Security Firms

This year saw Russian anti-virus firm Kaspersky breached, though it believes government-sponsored hackers were responsible as part of a surveillance operation, not criminals after money. There were claims that Israeli and US intelligence agents may have been involved. Documents leaked by Edward Snowden showed the NSA had targeted a large number of anti-virus companies, including BitDefender. Days after that revelation, a Google researcher detailed holes in ESET anti-virus. Recently Hacking Team, a provider of spyware for law enforcement, was also breached.