Security News > 2024 > February > Hackers steal data of 2 million in SQL injection, XSS attacks
A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site scripting attacks.
ResumeLooters primarily employs SQL injection and XSS to breach targeted sites, mainly job-seeking and retail shops.
Acunetix - Web vulnerability scanner identifying common vulnerabilities like XSS and SQL injection and providing remediation reports.
ResumeLooters conducts these attacks for financial gain, attempting to sell stolen data to other cybercriminals via at least two Telegram accounts that use Chinese names, namely "渗透数据中心" and "万国数据阿力".
Keenan warns 1.5 million people of data breach after summer cyberattack.
MGM Resorts ransomware attack led to $100 million loss, data theft.
News URL
Related news
- Russian hackers use RDP proxies to steal data in MiTM attacks (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)