Avast Germany Hacked & 20,000 Credentials leaked with payment information

2013-03-12

Lee J

http://www.cyberwarnews.info/2013/03/10/avast-germany-hacked-20000-credentials-leaked-with-payment-information/

Its that time of the month again when Turkish Ajan hacker group member contacts me with a leak from a high profile target, this time the target is Avast.

The avast site is the German based .de domain which is the official GMBH based site (http://www.avadas.de/) for all avast related products and partner programs. The attack was announced to me via twitter by Maxn3y who has left the Main avast site defaced and now its offline with only a basic text cache working.

The attack has also seen a dump of data from the sites database which contains what appears to be a incomplete configuration file for the shop.avadas.de domain with included paypal payment system information.  It also has complete administration login details with encrypted passwords.

[...]
main page ATTRITION feedback