Avast.de Hacked And Defaced – 20,000 User Accounts Leaked [Updated]

A reseller for antivirus vendor Avast! have had their main German website and four of its subdomains hacked and defaced earlier today. Subsequently, details for some 20,000 or so user accounts have been made available online.

Maxney

As you can see from the image above the attack came from the Turkish Agent Hacker Group headed up by Maxney who has also bagged a few other high profile targets in recent months such as Asus in Italy, McDonalds in Thailand, Acer India, Casio in China, Nokia in Taiwan and the Renault car company in December of last year.

“The hacker, who contacted me on Twitter, explained that reason for hacking was the ongoing genocide of Palestinian and East Turkistnian people.”
HackRead.com

Following the hacking of Avast.de (which redirects to avadas.de and appears to be a reseller of Avast! products rather than the security company’s own site) and the subdomains a large amount of data was deposited on a well-known site where it can easily be shared. Below you can get an idea of what is included:

Avast-rar

The data available in those files includes a large amount of sensitive information including the following –

  • email addresses
  • usernames
  • plain text and encrypted passwords
  • dates of birth
  • phone numbers
  • PayPal details

Avast-de

At the time of writing it looks like the Avadas.de site is back to normal but the data that has been leaked is most definitely still out there for those who know how to find it.

Thanks to Hack Read for the heads up on this story:

Read more on the latest hacks at Hack Read.

Update : 11/03/2013

Whilst many people may believe that avadas.de is operated by Avast! themselves (due to the redirect from avast.de) that is in fact not the case – according to SoftPedia,

“We are aware that a site appearing to be an official site, AVAST.DE, was hacked and compromised. However, this is not an official site and does not belong to Avast Software. Instead, it has been owned and operated for many years by Procello, a German reseller,” Avast representatives said via email.

Also, having now been through all the leaked data I think it is safe to say that anyone who was an Avadas customer should change their credentials immediately as there is a lot of sensitive information included within the leaked documents.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Comments

  1. Website belongs to a German reseller of the Avast products, it is NOT owned or maintained by Avast, maybe corrections need to be made to indicate that.

    • Lee Munson says:

      Thanks for pointing that out. The site redirects from Avast.de but it appears that it is actually owned by Procello.

Trackbacks

  1. […] Of course AVG aren’t the only such victims of defacement lately – a reseller for Avast! was targeted recently and data for 20,000 customers was leaked. […]

  2. […] review is rather timely given recent goings-on at Avast! (read about that here) but such things can happen at with any security vendor so don’t let that put you off the […]

Speak Your Mind

*