A reseller for antivirus vendor Avast! have had their main German website and four of its subdomains hacked and defaced earlier today. Subsequently, details for some 20,000 or so user accounts have been made available online.
As you can see from the image above the attack came from the Turkish Agent Hacker Group headed up by Maxney who has also bagged a few other high profile targets in recent months such as Asus in Italy, McDonalds in Thailand, Acer India, Casio in China, Nokia in Taiwan and the Renault car company in December of last year.
“The hacker, who contacted me on Twitter, explained that reason for hacking was the ongoing genocide of Palestinian and East Turkistnian people.”
Following the hacking of Avast.de (which redirects to avadas.de and appears to be a reseller of Avast! products rather than the security company’s own site) and the subdomains a large amount of data was deposited on a well-known site where it can easily be shared. Below you can get an idea of what is included:
The data available in those files includes a large amount of sensitive information including the following –
- email addresses
- plain text and encrypted passwords
- dates of birth
- phone numbers
- PayPal details
At the time of writing it looks like the Avadas.de site is back to normal but the data that has been leaked is most definitely still out there for those who know how to find it.
Thanks to Hack Read for the heads up on this story:
— Hack Read (@HackRead) March 9, 2013
Read more on the latest hacks at Hack Read.
Update : 11/03/2013
Whilst many people may believe that avadas.de is operated by Avast! themselves (due to the redirect from avast.de) that is in fact not the case – according to SoftPedia,
“We are aware that a site appearing to be an official site, AVAST.DE, was hacked and compromised. However, this is not an official site and does not belong to Avast Software. Instead, it has been owned and operated for many years by Procello, a German reseller,” Avast representatives said via email.
Also, having now been through all the leaked data I think it is safe to say that anyone who was an Avadas customer should change their credentials immediately as there is a lot of sensitive information included within the leaked documents.