Published: April 17, 2018
The BadMash3 Exploit is just a phrase that criminal hackers made up to make their bug poaching scam seem more legitimate. In reality this is just a SQL Injection hack and extortion attempt.
These hackers are known by several names such as Bug Poachers, Cyber Extortionists, Website Hackers or Grey Hats.
One of the recent hacker scams is that the hacker will hack into your website using SQL injection vulnerabilities. They will make a copy of your database. The hacker will then send you an email telling you that they are a website penetration tester and they are just good guys trying to help you out. They will then either tell you the nature of the problem and ask for a bounty / finder's fee or they will say if you send them money that they will tell you how to secure your website.
In the industry this is known as bug poaching. Bug poaching is a cyber extortion tactic in which a hacker breaks into a corporate network or website and creates an analysis of the network's private information and vulnerabilities.
Here are the problems with what has happened.
- These guys have committed a crime by hacking into your website in the first place and stealing your data. They are criminals trying to extort you.
- Even if you pay them, there is no guarantee that they will not release your data.
- You should never pay off extortionists as they will keep coming back for more.
- You cannot just ignore the problem though. You do actually have a problem that needs to be taken care of. Securing your website against future attacks.
If you receive one of these emails, you should do the following:
- Do not reply back to the hacker under any circumstances. Once he knows you are on the hook, its more likely that something bad will happen.
- Contact your webmaster / website developer or find someone who knows how to fix the security holes on your website. A website security specialist.
- Have a battle plan ready in case the hacker does release your data.
Contact us at the computer geek, we will show you have to deal with these blackmailers and secure your website so you can sleep better at night.