Monday, February 9, 2009

BitDefender Portugal up against the ropes now...

It would seem that Unu over at HackersBlog has been busy over the weekend and had BitDefender in the cross-hairs.

Looks like the BitDefender Portugal Web site is vulnerable to SQL Injection (just like Kaspersky's from earlier in the weekend), as there's a new hack walk-through on HackersBlog relating to the escapade.

There are a few screenshots depicting the level of access to backend data (thoughtfully redacted to hide some of the more confidential information), including user IDs and customer address details.

I'm not sure how big the BitDefender Portugal business operation is, but this doesn't bode well for their customers. I'm hoping that the site administrators are already working on the issue because, while Unu may claim not to collect the personal information exposed through the SQL Injection attack, it's still very easy for others to replicate the attack and harvest those customer details for themselves.
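
To show why "easy to replicate" is the right worry, here is an added illustration of the vulnerability class, not code from the original post and not the actual bitdefender.pt flaw (the walk-through's specifics are not reproduced here). The customer rows, table name and the `lookup_vulnerable`/`lookup_safe` functions are all constructed for the example; the same string-splicing pattern, in whatever language the site used, is what lets a single crafted parameter dump a whole customer table, and a bound parameter is what closes it.

```python
import sqlite3

# Constructed sample data standing in for a distributor's customer table.
# None of this is real bitdefender.pt data.
SAMPLE_CUSTOMERS = [
    (1, "ana",   "Rua A 1, Lisboa",    "ana@example.pt"),
    (2, "bruno", "Av. B 2, Porto",     "bruno@example.pt"),
    (3, "carla", "Praca C 3, Coimbra", "carla@example.pt"),
]

# A classic tautology payload: closes the quoted literal and appends an
# always-true condition, so the WHERE clause matches every row.
INJECTION = "x' OR '1'='1"


def make_db():
    """Build an in-memory SQLite database with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customers (id INTEGER, username TEXT, address TEXT, email TEXT)"
    )
    conn.executemany("INSERT INTO customers VALUES (?, ?, ?, ?)", SAMPLE_CUSTOMERS)
    return conn


def lookup_vulnerable(conn, username):
    """Vulnerable: the untrusted value is spliced into the SQL text, so the
    database parses attacker-controlled characters as SQL syntax."""
    sql = (
        "SELECT id, username, address, email FROM customers "
        "WHERE username = '%s'" % username
    )
    return conn.execute(sql).fetchall()


def lookup_safe(conn, username):
    """Hardened: the value travels as a bound parameter and is only ever
    compared as data; quotes and keywords inside it have no effect."""
    sql = "SELECT id, username, address, email FROM customers WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def demo():
    """Run both lookups with the payload and return (rows_leaked, rows_safe)."""
    conn = make_db()
    leaked = lookup_vulnerable(conn, INJECTION)   # every customer row comes back
    safe = lookup_safe(conn, INJECTION)           # no user is literally named that
    return len(leaked), len(safe)


if __name__ == "__main__":
    leaked, safe = demo()
    print("vulnerable lookup returned %d rows, safe lookup returned %d" % (leaked, safe))
```

The vulnerable path returns all three constructed rows (IDs, addresses and e-mail, the same kind of fields the HackersBlog screenshots show) for one request, while the parameterised path returns none; that asymmetry is the whole fix, and it is why anyone who saw the walk-through could repeat the harvest until the site is patched.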

UPDATE: 10:30am EST
I neglected to mention that the BitDefender Portugal Web site is actually operated by a business partner/distributor in the region, so there is no threat to BitDefender's worldwide sites. This kind of software distributor model is commonplace within the industry.

That said, it's no comfort for BitDefender customers in Portugal. Nor is it particularly good for BitDefender in Romania (head office), because, for all intents and purposes, delivering through bitdefender.pt was their choice.

In addition to this, it would seem that the BitDefender Portugal site has been taken down for maintenance, and so has the distributor's own site. Were they on the same host (same IP address)?

3 comments:

  1. Hi, it seems that BitDefender.pt is not a BitDefender-owned site; it is a partner site, so it doesn't use the same CMS as the BitDefender-owned sites.

  2. That's true - but it's still an official partner site that's linked directly from the bitdefender.com Web site.

  3. That's definitely not a BitDefender website, it's just a partner site ... linked from the .com website, true, but nevertheless not a corporate site.
