Online commerce service provider, CCAvenue, has denied that its portal has been hacked.
Vishwas Patel, CEO, CCAvenue told NDTVGadgets, "I confirm that the image posted by a hacker is a spoofed, self-created one and not that of our database and it has been created just to create panic and defame our company. We are in the process of filing a criminal complaint against the unknown hacker for the slander and malicious campaign run against our company."
Earlier today, we reported that a hacker claimed to have broken into CCAvenue by exploiting "SQL injection vulnerability". The hacker, identifying himself as d3hydr8, submitted what he called a full disclosure of his attack on HackerRegiment.com. The "report" included what the hacker said were all the admin usernames and passwords of the CCAvenue portal.
In what was his first reaction on this, Vishwas Patel said, "First and most [we] would like to say that this a slanderous campaign that is targeting CCAvenue. Based on our initial investigations by our security officials, we confirm that no hack has happened of our servers at 1515 hours on 04th May 2011 by the following person, as claimed in his article. We also confirm that that the screenshot is not of our live database as the Apache version on live server is 2.2.17 (Updated more than 5 months ago) and not 2.2.14 (as claimed by the hacker). We also confirm that all the passwords of our merchants and all login credentials in our live database are encrypted and stored in our database and not in text format as claimed by the hacker."
He also assured that, "We don't store credit card details or Netbanking account details on our servers."
HackerRegiment has published the details submitted by the hacker but has maintained discretion by blurring the "passwords". The information published includes a list of databases, some information on tables within the databases, and screenshots of the administrator usernames and passwords.
HackerRegiment.com also claims to have reported the issue to CERT (Computer Emergency Response Team) India to help CCAvenue take corrective action before any information is released through any other media.
Vishwas Patel, CEO, CCAvenue told NDTVGadgets, "I confirm that the image posted by a hacker is a spoofed, self-created one and not that of our database and it has been created just to create panic and defame our company. We are in the process of filing a criminal complaint against the unknown hacker for the slander and malicious campaign run against our company."
Earlier today, we reported that a hacker claimed to have broken into CCAvenue by exploiting "SQL injection vulnerability". The hacker, identifying himself as d3hydr8, submitted what he called a full disclosure of his attack on HackerRegiment.com. The "report" included what the hacker said were all the admin usernames and passwords of the CCAvenue portal.
In what was his first reaction on this, Vishwas Patel said, "First and most [we] would like to say that this a slanderous campaign that is targeting CCAvenue. Based on our initial investigations by our security officials, we confirm that no hack has happened of our servers at 1515 hours on 04th May 2011 by the following person, as claimed in his article. We also confirm that that the screenshot is not of our live database as the Apache version on live server is 2.2.17 (Updated more than 5 months ago) and not 2.2.14 (as claimed by the hacker). We also confirm that all the passwords of our merchants and all login credentials in our live database are encrypted and stored in our database and not in text format as claimed by the hacker."
He also assured that, "We don't store credit card details or Netbanking account details on our servers."
HackerRegiment has published the details submitted by the hacker but has maintained discretion by blurring the "passwords". The information published includes a list of databases, some information on tables within the databases, and screenshots of the administrator usernames and passwords.
HackerRegiment.com also claims to have reported the issue to CERT (Computer Emergency Response Team) India to help CCAvenue take corrective action before any information is released through any other media.
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
Categories:
security-news