Stack Overflow 2019 hack was guided by advice from none other than... Stack Overflow

2021-01-27 19:31

Developer site Stack Overflow has published details of a breach dating back to May 2019, finding evidence that an intruder in its systems made extensive use of Stack Overflow itself to determine how to make the next move.

The report describes the timeline of the attack, which started on April 30th with a probe of the Stack Overflow infrastructure.

How does TeamCity work? "The attacker is clearly not overly familiar with the product so they spend time looking up Q&A on Stack Overflow on how to use and configure it," said Ward.

"They continue to browse Stack Overflow for details on building and running.NET applications under IIS as well as running SQL scripts in an Azure environment," Stack Overflow said.

In what sounds like a serious move, the intruder wrote some SQL to elevate permissions across the entire Stack Exchange network and "After several attempts, they are able to craft a build that executes this as a SQL migration against the production databases housing data for the Stack Exchange Network."

A follow-up thread reveals that a Stack Overflow integration with Twitter was disabled because the Twitter API key was in the source code and the developers have not worked out another way to do it.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/01/27/stack_overflow_2019_hack_was/

#hack