Threat actors hijacked a U.K.-based fishing gear retailer’s website, redirected it to Pornhub as part of a costly ‘joke.’
Landing on Pornhub When Looking For A New Fishing Rod
On November 5, Angler Direct, U.K.’s largest fishing equipment retailer, suffered a massive system breach that resulted in their domain being redirected to Pornhub. The site was down for a few days but is now up and running again. However, the extent of the damage suffered by the company is unclear but definitely not funny.
Hackers Putting The ‘Phish’ In Fishing
Those responsible went way beyond just causing a few laughs, but also took to the company’s social media to mount a phishing campaign.
It seems that the pranksters obtained their Twitter and other social media accounts login credentials, since the hackers were able to alert them and their customers, about the breach through a November 7 tweet from the Angling Direct feed.
First, the @anglingdirect Twitter feed announced (falsely) that the fishing retailer was sold to MindGeek, the company owning Pornhub, adding that Angling Direct customers were offered a free premium subscription to the adult site.
Our site has been sold to MindGeek the founders of Pornhub.
Your data has already been transferred and PornHub premium will be available for your account for a period of one year.
Register with our email and you’ll automatically be assigned with premium.
“Your data has already been transferred, and PornHub [sic] premium will be available for your account for a period of one year,” the tweet read. “Register with our email and you’ll automatically be assigned with premium.”
Phishy Free Porn
Just a few minutes later, the attackers came back with another tweet announcing the takeover. However, the post did not specify any ransom details, nor what is it that they want in exchange for the stolen data.
For the admin:
If contact shelled to be established to us at hackercontact@anglingdirect.co.uk
We will return the information and access to you.
Otherwise we will automatically remove from our system in 31 days.Thanks
MASTER
“We will return the information and access to you,” the attacker, calling themselves MASTER, tweeted. “Otherwise, we will automatically remove from our system in 31 days.”
Although unsure of what kind of an attack this was, the London Stock Exchange-traded company was forced to issue an official statement on November 8 acknowledging the breach.
“This unauthorized activity shut down the company’s websites and these remain inactive,” the Angling Direct statement said. “Some of the company’s social-media accounts have also been compromised. The Board has appointed external cybersecurity specialists whose investigations are underway to establish what happened. Work continues round the clock to bring the websites back online, while our 39 retail stores across the U.K. have remained open and continue to trade.”
As of November 9, the site was still down. Later, a spokesperson noted, “Just to follow up here – we can confirm after engaging with our advisers and providers we have managed to take back control of our website. The rollout will take some time to flow through in all areas but the process is underway.” The site is up again.
Angling Direct addressed the issue of a potential personal data leak, explaining how both law enforcement and regulators have been alerted of the breach.
“We are mindful of our obligations regarding data; it is too soon yet to make any determination around the impact this incident has had on personal data, but we will inform any individuals in line with our regulatory obligations should there be a need to do so,” the statement wrote. “Importantly, the company does not hold any customer financial data as our website transactions are handled by third parties.”
Following the incident, the company’s stock price went from 69.89 GDP to 61.74 GDP.
Sources:
Threatpost Not Punny: Angling Direct Breach Cripples Retailer for Days
London Stock Exchange Angling Direct Notice of a cyber security incident
Attribution:
Photo by Simon Hurry on Unsplash
