The hackers defaced the site and dumped its database

Apr 19, 2012 08:09 GMT  ·  By

Hackers part of Lulz Security Peru (LulzSec Peru) managed to gain unauthorized access to the site of the security solutions firm Hacksoft (hacksoft.com.pe), the provider of The Hacker antivirus .

As a result of the breach, the site was defaced and its database was published online.

“People, Lulzssecperu announces a big surprise for you, stay tuned for tomorrow 18th of April!!! Expect Us,” LulzSec Peru wrote on Twitter one day before the hack attack.

Five hours after the data breach took place, the website was taken offline, so we didn’t manage to get a glimpse of the defacement page which may have indicated the reasons behind this attack.

However, we did manage to take a look at the database dumps. Almost 1 megabyte in size, the two files published by the hackers contain product information, but also a handful of usernames and clear-text passwords.

Update. An anonymous researcher informs us that a popular hacking forum contains a topic regarding the presence of an SQL Injection vulnerability that could allow an attacker to gain root access to the site of Hacksoft.

At the time when the post was made, back in January, the exact same database files were dumped from the site.