Last night, iPhone users may have been stunned to see a number of push notifications from Apple News containing a racist slur and other obscene language. The notifications were triggered by Fast Company’s Apple News account, prompting Apple News to disable the publication’s news channel. As it turns out, a hacker who had previously compromised the publication’s WordPress content management system (CMS) was behind the vulgar push notifications.
Breach Forums is a hacking website frequented by cybercriminals who buy and sell stolen data. It’s no surprise, then, that the hacker who compromised Fast Company’s CMS started a thread on Breach Forums announcing the hack and offering up stolen data. The hacker, who goes by the name “thrax,” claims to have stolen 6,737 employee records from the publication’s WordPress database. However, he says that he wasn’t able to access customer information.
According to a second post by thrax, he gained access to Fast Company’s WordPress instance by discovering that the default password was “pizza123” and that at least a dozen accounts still had the default password. One of these accounts was an administrator account, giving the hacker high-level permissions within the publication’s CMS. The hacker then used these privileges to access sensitive information, including authentication tokens, Apple News API keys, Amazon SES secrets, and a Slack webhook. One of the authentication tokens let the hacker exfiltrate employee data, as well as create a new admin account with access to two additional company portals.
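
A defensive audit for the weakness described above, added here as an example (it is not code from the article or from Fast Company): it tests exported WordPress password hashes against an organisation's own list of known default passwords and reports administrators first. It assumes hashes in the phpass portable `$P$` format long used by WordPress; the function names, the role column and the sample rows are constructed for illustration.

```python
import hashlib
import hmac

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def _encode64(data: bytes) -> str:
    """phpass base64 variant: 3-byte little-endian groups, low 6 bits first."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        value = int.from_bytes(chunk, "little")
        for _ in range(len(chunk) + 1):  # 1 byte -> 2 chars, 3 bytes -> 4
            out.append(ITOA64[value & 0x3F])
            value >>= 6
    return "".join(out)

def phpass_hash(password: str, setting: str) -> str:
    """Portable phpass hash; setting is '$P$' + cost char + 8-char salt."""
    rounds = 1 << ITOA64.index(setting[3])
    salt, pw = setting[4:12].encode(), password.encode()
    digest = hashlib.md5(salt + pw).digest()
    for _ in range(rounds):
        digest = hashlib.md5(digest + pw).digest()
    return setting[:12] + _encode64(digest)

def audit(rows, known_defaults):
    """Return (flagged, unchecked); flagged lists administrators first."""
    flagged, unchecked = [], []
    for login, role, stored in rows:
        # Anything that is not a 34-char $P$ hash is reported, not skipped.
        if not (stored.startswith("$P$") and len(stored) == 34):
            unchecked.append(login)
            continue
        for candidate in known_defaults:
            if hmac.compare_digest(phpass_hash(candidate, stored), stored):
                flagged.append((login, role))
                break
    flagged.sort(key=lambda item: item[1] != "administrator")
    return flagged, unchecked

# Constructed sample export (login, role, user_pass); not data from the incident.
SAMPLE_ROWS = [
    ("editor1", "editor", phpass_hash("pizza123", "$P$BaaaaSALT")),
    ("siteadmin", "administrator", phpass_hash("pizza123", "$P$BbbbbSALT")),
    ("writer7", "author", phpass_hash("long unique passphrase", "$P$BccccSALT")),
    ("newhire", "author", "$wp$2y$10$constructed-not-a-real-hash"),
]
if __name__ == "__main__":
    print(audit(SAMPLE_ROWS, ["pizza123"]))
```

Accounts returned in the second list use a hash format this script does not test, so they need a separate check rather than being treated as clean.
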
Fast Company responded to these push notifications by suspending its news feed and shutting down its website. For some time afterwards, visitors to the website were simply met by a 404 error. However, the publication has updated its website to display a statement explaining the situation. According to this statement, Fast Company is working with a cybersecurity firm to resolve the situation, and its website won’t be restored to its normal state until that goal is achieved.