The hacker Kapustkiy continues to target embassies and universities

The hacker Kapustkiy is back and breached another embassy and two universities. He leaked data on Pastebin.

The security pentester who goes online with the moniker Kapustkiy continues to target organizations and embassies across the world.

Recently he breached the Paraguay Embassy of Taiwan (www.embapartwroc.com.tw), while a few days ago the hacker and his friend Kasimierz (@Kasimierz_) hacked the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya. Kapustkiy and his friend Kasimierz (@Kasimierz_).

The last victims of the hacker are two subdomains of Virginia University & Sub domain of University of Wisconsin (http://pastebin.com/i1wmM5D1 ) and another embassy, the Indian Embassy in New York (http://pastebin.com/Akm9x4dD )

He contacted me via Twitter to report the data breaches, in the case of the Indian Embassy in New York he explained to have leaked only a small portion of stolen data that doesn’t include US personnel.

“Hi, Its me Kaputski, A few weeks ago I breached several websites that were related to the Indian ShitEmbassy. So I thought they will fix all the vulnerables in there domains and also look at there other domains that maybe could have a simple ”SQLi” vulnerable. So guess what? they did not look at all and only fixed some of there domains SMH……….” wrote Kapustkiy.

“I’m tired to report all the errors that I find in there website that I decided to breach them, NOW FIX YOUR SECURITY FUCKING ADMINS! NOTE: There was also a table named ”Newyork_contact” which had 7000 entries. I didn’t leak that out of privacy of people. Also the table ”Newyork_registration” had also information like Address,City,zipcode,phone number” I only leaked this but it could be more.”.

The databases related to universities include users personal information such as names, login, passwords, phone and many other information of students and staff.

As you can see in same cases the passwords are stored in plain text.

Records belonging to the hacked embassy include also phone numbers, let me highlight once again that such kind of information is a precious commodity for nation-state hackers that intend to launch a spear phishing campaign against diplomats.

Kapustkiy explained to have leaked the data because the administrators of the targeted entities ignore his warning via email.

It is likely Kapustkiy exploited SQli injection flaws in the last string of data breaches.

Who is the next one?

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Kapustkiy , data breach)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.