The anti-DDoS security company Staminus is attacked by the Internet, leading to sensitive data leakage.

The anti-DDoS security company Staminus is attacked by the Internet, leading to sensitive data leakage.

A group of unidentified hackers attacked the DDoS protection company Staminus and stole sensitive information from their servers.
Network under attack
Staminus is an American company dedicated to anti-DDoS protection. Staminus operates DDoS Mitigation centers in Los Angeles, New York, and Amsterdam. In the three elements of information security-"confidentiality", "integrity", and "availability", DDoS (DoS attacks) targets "availability ". This attack method exploits the functional defects of the target system's network service or directly consumes its system resources, making the target system unable to provide normal services.
In addition to the company's main products, the company also provides a service Intreppid, and provides VPS virtual exclusive servers with built-in anti-DDoS functions. After Staminus Data leaks, attackers attempted to penetrate into the company's internal network, restore the system to factory settings, and reduce the system efficiency of the company. In this process, the company suspended the service for about 20 hours.

The company shut down the system at PST on the day when the problem occurred. The Reddit website displays the information and has a link to Hastebin. After the information appears, Staminus updates the information on Twitter:
"At 5 am PST today, a rare event occurred on multiple routers connected to the intermediate system, which eventually led to unavailability of our backbone network ."
No description provided by the company
Currently, in the published Hastebin Link (1), attackers say they can steal Staminus databases and Intreppid service databases. Of course, after the hacker posted the information, it aroused heated discussion about how to ensure the company's network security. In this case, some information is left, that is, how attackers access the database.
~ Use one root password for all the boxes
~ Expose PDU's to WAN with telnet auth
~ Never patch, upgrade or audit the stack
~ Disregard PDO as inconvenient
~ Hedge entire business on security theater
~ Store full credit card info in plaintext
~ Write all code with wreckless abandon
Hackers have published all the data accessed by the Tor network. Softpedia has not downloaded the data. However, the Tor network is relatively slow. Currently, according to the published information, the data can still respond to certain problems. Currently, Staminus customers are advised to keep an eye on their credit card information at any time. It is best to reset their account and password. At present, some other information is provided, such as the company server log data, chat records, and some code information.
The company has not explained the incident, but has begun to restore network services.