Feb 10 2008
According to Hackbase.com, South Korea’s oldest and largest online shopping site (Auction.co.kr) has claimed it was attacked by a Chinese hacker who made off with the user information on 18 million members and a large amount of financial data. It is further claimed that Auction.co.kr delayed 20 hours after the attack before comfirming the loss of information. Korean users rebuked the website for being too slow to act. It was confirmed that the attack was launched through China’s internet.
Auction.co.kr also confirmed that after the incident, they received a phone call offering to exchange the user information for money.
The Chinese hacker did not directly attack the server, instead s/he took a roundabout strategy. The hacker sent out bulk e-mailings to the auction staff containing “hacker procedures” (I’m guessing this means with Trojans attached). When the staff members confirmed the e-mails, the hacker was able to gain their IDs. The hacker was then able to login to the Auction server using the staffer’s ID.
7 Responses to “Chinese hacker steals user information on 18 MILLION online shoppers at Auction.co.kr”