The Asian Banker & 48 Other sites hacked, data leaked

xlegionOver the past few days a hacker who uses the handle @XTnR3v0LT who is apart of the hacker collective Xlegions has been dumping sites as part of an Operation they have dubbed #OpLeak. During this operation there have already been 49 websites breached but so far only one of them has leaked a large amount of data. The website that has leaked the most amount of data is from www.theasianbanker.com which is actually an banking and financial service information site not an actual bank like so think.

The Asian Banker is a leading provider of strategic intelligence on the financial services industry, established since 1996.

The breach was announced via twitter and posted to pastebin as well as the main page of the site being breached. (screen cap from @CameronRayy) a7dfaeccaaacpjx The leak contains a list of user account credentails and a link to a file on 4shared.com which contains further listings of information from user, administration accounts as well as other data. All passwords appear to be encrypted but stupidly the salt has been stored along side them making the cracking process a lot easier. I am still going over the information so hopefully more statistics will be published soon. https://ozdc.net/archives.php?aid=3991 Below is list of the contents of the compressed zip file which totals 444kb when compressed.

TITLE TYPE SIZE
   kumaribank / data.html Hyper Text Markup Language 3.1  KB
   kumaribank / tab.html Hyper Text Markup Language 5.3  KB
   kumaribank / users.html Hyper Text Markup Language 3.8  KB
   midwestbank / authors.html Hyper Text Markup Language 3.1  KB
   midwestbank / data.html Hyper Text Markup Language 2.7  KB
   midwestbank / tab.html Hyper Text Markup Language 11.5  KB
   procredit / DATA.html Hyper Text Markup Language 3.2  KB
   procredit / tabelshema.html Hyper Text Markup Language 20.3  KB
   procredit / website1 / exchange rate 16-4-2012.html Hyper Text Markup Language 4.3  KB
   procredit / website1 / tb_complains$.html Hyper Text Markup Language 7.3  KB
   procredit / website1 / tb_exchange_rate.html Hyper Text Markup Language 4.2  KB
   procredit / website1 / tb_products.html Hyper Text Markup Language 7.0  KB
   procredit / website1 / tb_products_type.html Hyper Text Markup Language 2.7  KB
   procredit / website1 / tb_profile.html Hyper Text Markup Language 5.6  KB
   procredit / website1 / tb_whistleblower.html Hyper Text Markup Language 11.6  KB
   procredit / website1 / user_group.html Hyper Text Markup Language 2.7  KB
   procredit / website1 / user_pwd.html Hyper Text Markup Language 2.5  KB
   procredit / website1 / users.html Hyper Text Markup Language 4.3  KB
   theeasierbank / ab500 / ab500_2011.html Hyper Text Markup Language 95.3  KB
   theeasierbank / asianban / enewspayments.html Hyper Text Markup Language 28.3  KB
   theeasierbank / asianban / job.html Hyper Text Markup Language 11.7  KB
   theeasierbank / asianban / login_admin.html Hyper Text Markup Language 2.9  KB
   theeasierbank / asianban / modx user.html Hyper Text Markup Language 773.7  KB
   theeasierbank / asianban / modx_access_policies.html Hyper Text Markup Language 31.3  KB
   theeasierbank / asianban / modx_active_user.html Hyper Text Markup Language 12.8  KB
   theeasierbank / asianban / modx_juser.html Hyper Text Markup Language 159.2  KB
   theeasierbank / asianban / modx_user_atributes.html Hyper Text Markup Language 1.3  MB
   theeasierbank / asianban / modx_user_group_roles.html Hyper Text Markup Language 3.8  KB
   theeasierbank / asianban / tab_account.html Hyper Text Markup Language 9.3  KB
   theeasierbank / asianban / tab_author.html Hyper Text Markup Language 70.2  KB
   theeasierbank / asianban / tab_profile.html Hyper Text Markup Language 172.5  KB
   theeasierbank / asianban / users.html Hyper Text Markup Language 155.5  KB
   theeasierbank / asianban / whitepaperuser.html Hyper Text Markup Language 43.5  KB
   theeasierbank / data.html Hyper Text Markup Language 3.3  KB
   theeasierbank / dms / events.html Hyper Text Markup Language 3.7  KB
   theeasierbank / dms / job type.html Hyper Text Markup Language 3.1  KB
   theeasierbank / dms / pyment type.html Hyper Text Markup Language 3.9  KB
   theeasierbank / dms / regtype.html Hyper Text Markup Language 4.9  KB
   theeasierbank / gallery / wp_user.html Hyper Text Markup Language 4.5  KB
   theeasierbank / gallery / wp_usermeta.html Hyper Text Markup Language 16.0  KB
   theeasierbank / hacked.png PNG File 57.9  KB
   theeasierbank / poll_login / admin_login.html Hyper Text Markup Language 2.7  KB
   theeasierbank / saledb / rw_promo_code.html Hyper Text Markup Language 3.5  KB
   theeasierbank / saledb / rw_promo_code_redee.html Hyper Text Markup Language 3.5  KB
   theeasierbank / shema.html Hyper Text Markup Language 15.7  KB

  Screen cap of site defacement when first entering the site results in a different message than to above.. a7deszpcaaetsar

About the author: Lee J

Security Analyst, Developer, OSINT, https://www.ctrlbox.com

Comments are closed.