Hackers Offer Security Tips After Hacking Staminus

By now everyone is aware that Staminus was hacked and that its database, which includes client and infrastructure information, was dumped. Staminus is a DDoS protection provider that went offline on Thursday, and as of today the site is still displaying a message from the CEO. While the website was offline, the hackers published the stolen database online, and some clients have verified that their information is in it. The hackers didn’t just want to steal the database; they decided to take the entire Staminus network offline by resetting the routers to their original factory default settings. In the release, the hackers put out some "useful" security tips that will make every system admin wonder what type of people were running Staminus. Below you will find the list:

  • Use one root password for all the boxes
  • Expose PDU’s [power distribution units in server racks] to WAN with telnet auth
  • Never patch, upgrade or audit the stack
  • Disregard PDO [PHP Data Objects] as inconvenient
  • Hedge entire business on security theatre
  • Store full credit card info in plaintext
  • Write all code with wreckless [sic] abandon

I understand one might ignore the PHP object or using SIC, but why would anyone use one root password for all servers? Furthermore, it makes no sense to expose the PDU to WAN access. It is a very common understanding that with enough time and effort, everything is hackable. When it comes to security, it is crucial to put in place measures that will block or limit access. The backend should never be exposed and should be kept on a private network or have its access limited with IP restriction. I am sure the guys at Staminus are trying to restore things and hopefully they have a backup of everything.
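To make the private-network and IP-restriction point concrete, here is an added example (not from the leak or from Staminus) that audits management listeners for the exposure called out in the list: a PDU or backend reachable from the WAN, or reachable over telnet. The inventory schema, host names, addresses and the /24 policy threshold are all assumptions made for illustration.

```python
import ipaddress

# RFC 1918 ranges plus loopback. Listed explicitly because ipaddress.is_private
# also covers documentation ranges, which the sample data below uses as "public".
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
CLEARTEXT_PORTS = {23: "telnet"}
MIN_PUBLIC_PREFIX = 24  # assumed policy: public allowlist entries must be /24 or narrower


def is_internal(net):
    """True if the whole network sits inside one internal range."""
    return any(net.version == r.version and net.subnet_of(r) for r in INTERNAL)


def audit(listener):
    """Return findings for one management listener (hypothetical dict schema)."""
    findings = []
    bind = ipaddress.ip_network(listener["bind"])  # a single address becomes a /32
    allow = [ipaddress.ip_network(a) for a in listener.get("allow_from", [])]
    # A wildcard bind (0.0.0.0) is not internal, so it counts as WAN-facing.
    if not is_internal(bind) and not allow:
        findings.append("reachable from WAN with no IP restriction")
    for net in allow:
        if not is_internal(net) and net.prefixlen < MIN_PUBLIC_PREFIX:
            findings.append(f"allowlist entry {net} is too broad")
    proto = CLEARTEXT_PORTS.get(listener["port"])
    if proto:
        findings.append(f"{proto} sends credentials in cleartext")
    return findings


def audit_all(inventory):
    """Map host name -> findings, omitting hosts with nothing to report."""
    report = {item["host"]: audit(item) for item in inventory}
    return {host: found for host, found in report.items() if found}


INVENTORY = [  # constructed sample data, not taken from the Staminus dump
    {"host": "pdu-rack1", "bind": "0.0.0.0", "port": 23},
    {"host": "pdu-rack2", "bind": "10.20.0.5", "port": 22},
    {"host": "admin-panel", "bind": "198.51.100.7", "port": 443,
     "allow_from": ["203.0.113.0/28"]},
    {"host": "billing-db", "bind": "198.51.100.8", "port": 3306,
     "allow_from": ["0.0.0.0/0"]},
]

if __name__ == "__main__":
    for host, found in audit_all(INVENTORY).items():
        print(host, "->", "; ".join(found))
```

An allowlist of `0.0.0.0/0` is flagged even though one is configured, because an IP restriction that admits everyone restricts nothing.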
