BadMash3 Exploit

April 17, 2018

The BadMash3 Exploit is just a phrase that criminal hackers made up to make their bug poaching scam seem more legitimate. In reality this is just a SQL Injection hack and extortion attempt.

These hackers are known by several names such as Bug Poachers, Cyber Extortionists, Website Hackers or Grey Hats.

One of the recent hacker scams is that the hacker will hack into your website using SQL injection vulnerabilities. They will make a copy of your database. The hacker will then send you an email telling you that they are a website penetration tester and they are just good guys trying to help you out. They will then either tell you the nature of the problem and ask for a bounty / finder's fee or they will say if you send them money that they will tell you how to secure your website.

In the industry this is known as bug poaching. Bug poaching is a cyber extortion tactic in which a hacker breaks into a corporate network or website and creates an analysis of the network's private information and vulnerabilities.

Here are the problems with what has happened.

These guys have committed a crime by hacking into your website in the first place and stealing your data. They are criminals trying to extort you.
Even if you pay them, there is no guarantee that they will not release your data.
You should never pay off extortionists as they will keep coming back for more.
You cannot just ignore the problem though. You do actually have a problem that needs to be taken care of. Securing your website against future attacks.

If you receive one of these emails, you should do the following:

Do not reply back to the hacker under any circumstances. Once he knows you are on the hook, its more likely that something bad will happen.
Contact your webmaster / website developer or find someone who knows how to fix the security holes on your website. A website security specialist.
Have a battle plan ready in case the hacker does release your data.

Contact us at the computer geek, we will show you have to deal with these blackmailers and secure your website so you can sleep better at night.

[BACK]

TESTIMONIALS

What Our Clients
Are Saying About Us

We engaged The Computer Geeks in mid-2023 as they have a reputation for API integration within the T . . . [MORE].

James Hesse

November 4, 2023

We all have been VERY pleased with Adrian's vigilance in monitoring the website and his quick and su . . . [MORE].

Kenneth Bruscia PhD

June 6, 2023

FIVE STARS + It's true, this is the place to go for your web site needs. In my case, Justin fixed my . . . [MORE].

Paul Adler

March 28, 2023

We reached out to Rich and his team at Computer Geek in July 2021. We were in desperate need of help . . . [MORE].

Leigh Hutchens

March 2, 2023

Just to say thank you for all the hard work. I can't express enough how great it's been to send proj . . . [MORE].

Curtis Williams

February 28, 2023

I would certainly like to recommend that anyone pursing maintenance for a website to contact The Com . . . [MORE].

David Pappas

February 17, 2023

LATEST ARTICLES

See Our Latest
Blog Posts

See All Articles

The Role of User Experience in E-Commerce Success

November 20, 2024