infosec firm owned utterly by 4chan person
danger visualize deez nuts
yesterday night an nameless 4chan person dumped a leak on the /g/ know-how board, claiming to have utterly owned danger visualization firm optimeyes:
> be cyber safety danger evaluation firm
> deal with mental property theft
> dont safe ur personal programs in any respect
owned utterly
> have all ur knowledge dumped in a 4chan inexperienced textual content
magnet:?xt=urn:btih:03386cd3a22b094cd830853b6577a3197b55225f&dn=optimeyespercent20dumppercent202023
optimeyes is an organization that’s centered particularly on “cyber dangers”, and bolster their skill in visualizing and serving to stop IP theft. which makes all of it a lot extra ironic how utterly they’ve been hacked. as somebody who loves a superb little bit of trolling towards the infosec neighborhood, i clearly needed to obtain the leak and have a look myself. it seems it incorporates not solely all of the supply code for the optimeyes platform, but in addition tons of buyer knowledge, the absolutely skilled ML fashions optimeyes is constructed on and tons of hardcoded credentials for his or her infrastructure. one would suppose their product would have a minimum of caught that bit in their very own software program, however oh effectively!
how this leaked
at this level i used to be very a lot invested on this leak already, and that i had a much bigger and larger suspicion as to how this most likely leaked. with some easy shodan searches primarily based on the names of git repositories within the leak i used to be in a short time capable of finding a jenkins occasion belonging to optimeyes. bullseye.
at first look their jenkins occasion appears pretty effectively locked down, barely any viewable workspaces, locked down admin permissions, and so on. nevertheless, they made some of the comedic errors you possibly can nonetheless make whereas establishing jenkins (im truly unsure which misconfiguration results in this): the construct data for every previous construct incorporates a hyperlink to the git repository, together with the bitbucket credentials within the url. genius.
this additionally additional backs up my concept of this jenkins being the supply of the leak, the git config of the repositories within the leak make use of the precise credentials leaked on jenkins.
so what is the worth of this leak
i truthfully dont suppose a lot of massive worth goes to be popping out of this leak instantly, nevertheless it’s an amazing and hilarious lesson in cybersecurity. the most likely highest worth belongings within the leak is the client knowledge, which incorporates server inventories and vulnerability scans from inside buyer networks (which seems to incorporate hitachi power). i’ve not checked out the database backups within the leak in any respect but, however these is perhaps fairly devastating for patrons as effectively relying on whats saved in there.
for optimeyes instantly this leak could possibly be devastating, so a lot of their credentials are right here (seemingly their complete aws infrastructure is susceptible), all their mental property has leaked they usually misplaced huge quantities of buyer knowledge. im curious to see if and the way they plan on recovering from this.
this very a lot looks as if a leak that was carried out for the lulz greater than the rest, and it is all the time enjoyable to see extra of that once more :3
some earlier, shorter evaluation of this leak will also be discovered on the sizeof(cat) blog
if you enjoyed this or any of my other work feel free to support me on my ko-fi. this is my only real source of income so anything goes a long way,
and monthly contributions help tremendously with budgeting.