Pornhub hacked, shell access being sold for $1000

Pornhub said to be compromised, shell access available for $1,000

It seems that Pornhub has been compromised and shell access has been put up for sale. A Twitter user is offering command injection abilities and shell access to a subdomain on Pornhub for a mere $1,000.

https://twitter.com/1x0123/status/731622179922706432

To back up the claim, 1x0123 has also released a screenshot to demonstrate that he/she has access to the Pornhub server.

https://twitter.com/1x0123/status/731625184457818113

When asked how the shell was uploaded, 1x0123 said a vulnerability in the user profile script that handles images enabled the shell’s upload. However, 1x0123 stated the user profile flaw isn’t related to the recently disclosed ImageMagick vulnerability.

Once the shell is uploaded, browsing to the proper URL will open it and enable command injection. In short, if someone pays for access, they’ll have full control over the environment.

A Redditor who is probably a Pornhub admin responded to 1x0123's allegations about the compromise of its server by saying that the image posted by the hacker is of a test server 3 years old.

Yeah, we’ve been hacked lol
Not sure what else I can say since I don’t know much. I’m sure it’s not how the devs wanted to be spending their Sunday.
I’ll update when I know more.
edit: First response from devs is that it’s shell access to a really old server that’s no longer active (5+ yrs) because that screenshot is not close to the actual directory structure. (And seeing that Pornhub is still live, the hacker didn’t just change everything around lol)
edit: 2nd response is in this screenshot https://twitter.com/1x0123/status/731622179922706432 it shows Kernel version 3.15, but we have 3.10 running on production. They are still trying to figure out what server this guy actually gained access to. They think it’s a test server. I feel like if I tweeted and asked him, it would be quicker.

The issue is unresolved as of now because Pornhub is still investigating whether it was really hacked. We will update the story once we have comments from them.

Update: The Pornhub team investigated the hacker's claim and told Techworm in an emailed statement:

“The Pornhub team investigated the claim from the hacker named 1x0123. Our investigation proved that while those screenshots might look realistic to people without knowledge of the underlying infrastructure, the attack as described by the hacker is not technically possible. This incident was merely a hoax and no Pornhub systems were breached during those recent events.

“The safety and security of our users is Pornhub’s top priority. We would like to remind everyone that Pornhub has a public bug bounty program which can be used to responsibly report any legitimate vulnerabilities in exchange for bounty as high as 25,000$.”
