The owners of a e-currency exchange service contacted the HackControl team regarding the hacking of their exchange’s API and the theft of electronic cash. Cyber Investigation of this incident discovered the exploitation of a HeartBleed vulnerability and a number of other vulnerabilities, including weak passwords, that had helped the attacker get a root access to the server. This gave them access via API to the Perfect Money payment system, allowing them to transfer funds to a fake wallet and then exchange them for bitcoins.
We did a full security audit of the server, removed third-party code and shells, updated software, connected Cloudflare CDN and configured a firewall and special nginx server security headers.
- Added extra verification for suspicious payments
- Configured security certificates to enter on the website
- Configured access control lists
- Configured access to the server with a key instead of a passwords
Our team of security engineers tested the logical part of the system, updated access to accounts, recovered passwords and helped with the administration of some of the resources.