14 DAY TRIAL // Team Dig7tal hackers have breached the systems of the University of Palermo (palermo.edu). To prove that they managed to gain access they published database information, along with a number of user credential sets.
The 139 records comprised usernames, initials, user IDs, and passwords encrypted with SSHA (Salted SHA).
“It's a very juicy site, the mails table had 68K entries, but that's what lead me to discover that it is a honeypot. So I didn't end up dumping it, but I did manage to extract 139 SSAH hashed passwords,” the hacker DMT wrote.
“The vuln is still up, so I may keep poking around as there was some damn juicy data!”
Passwords encrypted using SSHA are difficult, if not impossible, to decrypt, which means that most likely the user credentials exposed by the hackers cannot be misused.
However, the website obviously contains some dangerous security holes, which will hopefully be addressed soon, before some serious damage is caused.