Search This Blog

Powered by Blogger.

Blog Archive

Labels

Linux Application WineHQ database Hacked

WineHQ database system is compromised. WinHQ is Linux Application that helps to run the .exe file inside the Linux. The hacker might get the access by compromising an admins credentials, or by
exploiting an unpatched vulnerability in phpmyadmin.

They had reluctantly provided access to phpmyadmin to the appdb developers (it is a very handy tool, and something they very much wanted). But it is a prime target for hackers, and apparently our best efforts at obscuring it and patching it were not sufficient.

Now they removed all access to the PhpMyAdmin from outside.

Still now, there is no harm to Database.Unfortunately, the attackers were able to download the full login database for both the appdb and bugzilla. This means that they have all
of those emails, as well as the passwords. The passwords are stored
as Encrypted(Hash), but with enough effort and depending on the quality of the
password, they can be cracked .

He afraid about the users information. The attacker can use those information and get access to the Users Account. So he planned to reset the password and send to the email user.

Security Tips from BreakTheSec:
  •  Don't Use the same password everywhere.(especially use different and secure password for gmail account and other important accounts)
  • @WineHQ's users: If you use the same password anywhere else, Change it immediately.  


Share it:

Database Compromised

Hackers News

Linux