2023.3.22

1. Micro Disk Vulnerability

Micro Trading Platform Vulnerability

Forex Vulnerability

HSBC Attack Vulnerability Exploit Published

Hackers used features to batch scan for micro disk vulnerabilities. They exploited a cache upload vulnerability to upload a one-line PHP shell, then uploaded a larger shell to the root directory. Next, they uploaded database management tools, modified the database and index.php files, etc. They left contact information and threatened and extorted website administrators.

Recommendations and Fixes:

– Patch the upload vulnerability

– Block hacker IP ranges

– Lock down website file permissions – disable upload and creation

Specific Vulnerability Locations:

Search

Hacker Attack Handling

Maintenance Log:

1. Patch vulnerabilities

2. Block hacker IPs

3. Restore website files

4. Restore website data

5. Purchase new domain and configure frontend domain

6. Create jump verification to effectively solve Google browser warning issues and network blocking domain issues.