

Bitdefender (confirms) hacked and blackmailed


#1 Chachazz


    Is GSF inventory

  • General Admin
  • 36,503 posts

Posted 01 August 2015 - 01:48 AM

Antivirus Maker Bitdefender Hacked, Blackmailed - Customer Data Being Sold In Shady Black Market Deals
"Bitdefender, the critical darling in internet security, appears to have been hacked and is now embroiled in a dangerous extortion plot that's putting its over 400 million customers at risk.

Friday July 24th 2015: A Hacker going by the handle DetoxRansome (DR) first attempted to blackmail the company via Twitter, writing 'I want 15,000 us dollars or I leak your customer base.' This message was then followed by a tweet containing login credentials for two Bit Defender staff members' accounts and another one belonging to a customer."

"Reached by Travis Doering late Monday evening, Bitdefender's Marius Buterchi confirmed the hacking of accounts, and said the company was 'Aware of the issue and have reset the passwords for the customers whose credentials have been made public.' He added 'They are actively investigating how these passwords were made public.'"

Hacker Film Blog

#2 TheSentinel


    The man in the dark

  • General Admin
  • 31,817 posts

Posted 01 August 2015 - 03:26 PM

Another article about:


Hacker steals Bitdefender customer log-in credentials, attempts blackmail
By Lucian Constantin
IDG News Service | Jul 31, 2015 6:50 AM PT
A hacker extracted customer log-in credentials from a server owned by Bitdefender that hosted the cloud-based management dashboards for its small and medium-size business clients.



#3 Chachazz


    Is GSF inventory

  • General Admin
  • 36,503 posts

Posted 01 August 2015 - 07:07 PM

We recently found a potential security issue with a single server. We immediately launched an investigation and found that a single application was concerned, a component of the public cloud, exposing a very limited number of usernames and passwords. Our investigation also revealed that the server was not penetrated, but a vulnerability potentially enabled exposure of a few user accounts and passwords.

The issue was immediately resolved and additional security measures were put in place in order to prevent it from reoccurring. As an extra precaution, a password reset notice was sent to all potentially affected customers, representing less than 1 per cent of our SMB customers. This does not affect our consumer or enterprise customers. Our investigation revealed no other server or services were impacted.