Over 12% of analyzed online stores expose private data, backups

Orchid

Orchid

Level 1
Thread author
Jan 27, 2023
44
Content source
https://www.bleepingcomputer.com/news/security/over-12-percent-of-analyzed-online-stores-expose-private-data-backups/
Many online stores are exposing private backups in public folders, including internal account passwords, which can be leveraged to take over the e-commerce sites and extort owners. According to a study by website security company Sansec, roughly 12% of online stores forget their backups in public folders due to human error or negligence. The study examined 2,037 stores of various sizes and found that 250 (12.3%) exposed ZIP, SQL, and TAR archives on public web folders that can be freely accessed without requiring authentication. The archives appear to be backups containing database passwords, secret administrator URLs, internal API keys, and customer PII (personally identifiable information).
Click to expand...

I find this disturbing. However, the article and the Sansec report (I will like below) don't say which online stores are affected. I would assume most online stores (reliable and unknown) are having this privacy problem.

News Article:
Over 12% of analyzed online stores expose private data, backups

Sansec Report
Sansec analysis: 12% of online stores leak private backups
 
  • +Reputation
Reactions: Gandalf_The_Grey
F

ForgottenSeer 98186

Orchid said:
I find this disturbing. However, the article and the Sansec report (I will like below) don't say which online stores are affected. I would assume most online stores (reliable and unknown) are having this privacy problem.

News Article:
Over 12% of analyzed online stores expose private data, backups

Sansec Report
Sansec analysis: 12% of online stores leak private backups
Click to expand...
The way it works after the type of scan mentioned in the linked article is an attacker goes to the website (URL) and then uses a utility to perform what is called "directory busting." This is a technique that uses the front page of the website directly to enumerate the hidden directories in the website. All websites have hidden directories that can be enumerated from within the browser. If one of those directories does not have correctly configured permissions (for example a backup or customer data files), then the attacker can access the directory and its contents.

If the website is using unpatched modules or components, then the attacker might be able to access directories and files which they would normally not be able to access through a path or directory traversal exploit. Dependent upon the type of exploit they can even gain root privileges and have access to the entire server (and network).

Of course, the whole point of the article is if an attacker obtains a backup that has administrator passwords, the attacker can just walk in.
 
Last edited by a moderator:
You must log in or register to reply here.

Similar threads

I
    • Wow
    • Like
    • HaHa
Microsoft leaks 38TB of private data
Replies
4
Views
1,814
News Archive
Jonny Quest
Jonny Quest
Gandalf_The_Grey
    • Wow
    • +Reputation
    • Like
Privacy News Report: Facebook Users Are Tracked by an Average of 2,230 Advertisers
Replies
2
Views
1,699
Security News
Kubla
K
Gandalf_The_Grey
    • Like
    • +Reputation
    • Thanks
The most hacked passwords list 2023
Replies
2
Views
1,714
News Archive
plat
P

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top