Sansec reveals how online stores expose private data, backups

Share post:

According to Sansec, approximately 12% of online stores fail to backup their public folders due to human error or negligence. As a result, online stores have exposed private backups in public folders, including internal account passwords, which can be used to take over e-commerce sites and extort owners.

Sansec said it examined 2,037 different stores and discovered 250 (12.3%) exposed ZIP, SQL, and TAR archives on public web folders that can be accessed without authentication. According to Sansec, these archives appear to be backups that contain database passwords, secret administrator URLs, internal API keys, and customer PII (personally identifiable information).

According to Sansec, its analysts see constant activity from attackers who launch automated scans in an attempt to locate these backups and perform breaches. Furthermore, the presence of multiple source IPs for these attacks indicates that threat actors are well aware of the existence of exposed backups and are attempting to exploit them.

If the exposed backups contain administrator credentials, master database passwords, or staff accounts, attackers can use them to gain access to the site and steal data or launch destructive attacks.

“Online criminals are actively scanning for these backups, as they contain passwords and other sensitive information,” reads the Sansec report “Exposed secrets have been used to gain control of stores, extort merchants and intercept customer payments.”

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways