Company Employee Allowed to Steal Confidential Exchanges in MOEX Hacking

The Gakhostsec hacker group, known as “supervisor,” has announced their latest venture – hacking into the Moscow Exchange (Moex.com). According to their post on Telegram, they claim to have gained unauthorized access to one of the exchange’s FTP servers due to the negligence of an employee who left their account credentials exposed. The data archive they have obtained weighs over 2.8 GB and has been downloaded more than 300 times within three days.

A leak regarding this incident was posted on the Ghostsec Telegram channel.

The Moscow Exchange has not yet officially confirmed the hacking incident or commented on the situation. The reliability of the data published by the hackers is unknown, as well as the potential impact it may have on the exchange’s operations and reputation.

Prior to this incident, Ghostsec had already made headlines by being the first group to successfully attack Monitoring Programs on the RTU industrial router, a feat that has been confirmed by researchers. They showcased the group’s ability to encrypt this type of router, demonstrating their knowledge of SCADA functions and their support for industrial sequential interfaces RS-232 and RS-485.

In September 2022, the GhostSec group compromised 55 programmable logical controllers (PLCs) made by Berghof, which were employed by various Israeli organizations. Hackers from Ghostsec accessed the administrator panel and released a video demonstrating their successful entry, implying they could manipulate the chlorine and pH levels in the water supply.

/Reports, release notes, official announcements.