Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations
The notorious cybercrime group ShinyHunters claimed to have hacked Oracle PeopleSoft servers at more than 100 organizations, many of them universities, a ShinyHunters member told TechCrunch on Wednesday. The breaches were first reported by BleepingComputer.
PeopleSoft is enterprise software designed to manage payroll, human resources, administration, and other business operations. The news shows that despite being one of the most visible and prolific cybercrime groups at the moment, ShinyHunters is not slowing down and has turned mass hacks into its specialty.
The group’s modus operandi is to find a vulnerability in a popular piece of software so that they can compromise many victims at once.
“Student, applicant, financial aid, immigration, health, and administrative data has been exfiltrated,” read a message that the hacker said was sent to one of the victims. The hackers claimed to have stolen student records that include home addresses, phone numbers, emails, and dates of birth.
The hacker added that most of the targeted schools had already been compromised in earlier, unrelated campaigns.
The group’s original goal, the member said, was to compromise an FBI PeopleSoft server — the goal being to post a statement denying ShinyHunters was behind a wave of swatting attempts the FBI flagged in an alert last month. The member said that attempt failed.
Oracle did not respond to a request for comment.