Leak in website pharmaceutical company made trading possible

Feb

9

2016

A leak in the listed pharmaceutical company Pharming website made it possible to see in news reports including financial results, a day before they were officially published. This made trading possible.

Tweaker Squ1zZy, which in 2011 already leak from the website belegger.nl reported , the leak to the attention of Tweakers released after receiving no response despite repeated attempts by the administrator of the Pharming website. He had discovered that the site turned up a WordPress installation and nginx web server, when the Pharming homepage nginx-test REFLECT. Then it was a breeze to establish that there were present besides some outdated WordPress plugins, making them susceptible to exploits.

During the investigation of these findings, however, he also found out which directory listing liked. This made it possible to view the contents of the Web server, without the files must first be published. This meant that he could send a notification with a simple script when new content has been added to certain directories of the site. He came across a message with the file name PR-3Q-2015-28-Oct-2015.pdf, a message about the quarterly figures which were apparently intended for publication on 28 October.

However, the file’s metadata showed that the file was added on October 27 at the folder during the trading hours. This made it easy for an attacker to do on the basis of the information in the report financial transactions and thus trading. Squ1zZy announced that he often encounters such practices on other websites, but he mentions no names.

Tweakers then contacted the administrator of the site, which announced the same day that Pharming is working to move the site to a new host and all the plugins would get an update. After about two weeks to request waited let the manager know that all updates were carried out and that the site was transferred to the new host. According Squ1zZy was however only half true and revealed that the biggest problem of directory listing was not resolved. After renewed contact also revealed that this problem was solved. Pharming denies that it was possible to see messages in advance and let them know that messages are delivered only at the last moment.

Viewing:-141

In: Technology & Gadgets Asked By: [15780 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »