RealTime IT News

Another E-Commerce Site Suffers Hack Attack

Undaunted by U.S. government vows to crack down on those who pilfer credit card numbers from Web sites, a man going by the name of "Curador" breached SalesGate.com in the latest of a rash of cracks made by the hacker who claims he is trying to help companies by illuminating weaknesses in their security systems.

In his latest attempt about a week ago, Curador lifted 2,000 records, including credit card numbers and other personal information from SalesGate. SalesGate is a New York-based marketplace "developed to help small and large businesses sell online in a way that guarantees the protection of the user's personal information." The firm extends this guarantee on its home page, which may appear as a challenge to the hacker.

SalesGate co-founder Chris Keller confirmed Thursday that the credit card numbers were lifted and said "a number of agencies," including the U.S. Secret Service "are working to catch" the hacker.

As of Thursday, SalesGate has contacted customers affected by the breach, cancelling the cards directly with the credit card companies. It also warned them to beware of unauthorized charges made.

Curador has also admitted to hacking into promobility.net, shoppingthailand.com and LTAmedia.com in recent weeks.

At the time of the shoppingthailand.com breach in which he took 5,000 credit card numbers, Curador held court on a Web site, thanking Bill Gates for making "SQL servers with default world readable permissions."

"Maybe one day people will set up their sites properly before they start trading because otherwise this won't be the last page I post to the NET," wrote the cracker in a message at his site, which is mirrored here.

Curador's e-crackerce.com site, where Curador listed the stolen card numbers, was recently taken down by the hosting company. Last week, the counter at the site showed that it had been visited more than 500 times, raising the question whether Curador had given out the address in newsgroups or IRC channels devoted to stolen credit cards.

Larry Hutchenson is the Webmaster for LTAMedia.com, which Curador cracked around Feb. 3 and stole about 750 credit cards. While Curador's claimed at his site to be "the saint of ecommerce," Hutchenson said he's just a crook.

"It would be one thing if the gentleman had sent an e-mail to me or somebody else saying that 'you have a security breach in your area, you can do this' -- I mean the guy used outrageous stuff to get in," said Hutchenson. "If he had sent that stuff to me it would be one thing. If somebody takes information that is stored on the site, and it has been entrusted on that site and they steal that information and use it, post it, or whatever, it is stealing."

Tyger Team Consultants was the first to notify LTAMedia about the break-in. Tyger's Chris Davis, who is investigating Curador's activities, refuses to believe that Curador's actions are benevolent. He said the hacks were made on systems with IIS and NT servers, which are not known to provide excellent security. Furthermore, after conducting an audit, he discovered Curador had installed a "back door" program in which he could return to manipulate the site in the future.

"They (sites) may be vulnerable due to outside administrators that doesn't maybe understand all of the security implications that come with IIS and NT, which there are several right out of the box," said Davis. "Why are you adding to their vulnerabilities then? They secure their boxes to the best of their ability, this kid breaks in to show that they're not secure and he backdoors them so that he can get back in whenever he wants and