Database of illegal card-sharing providers, chopped

Database of illegal card-sharing providers, chopped 

Unknowns have hacked the database of online stores "Sky Line" were offered on the Card-sharing packages on the illegal reception of pay-TV channels. The shop is now no longer accessible. 

When card-sharing an activated subscription card is used in parallel in order to allow pay-TV services on multiple digital TV receivers. The clients (receivers) get there - in simple terms - the need for encryption control word from a central server, where you put the subscription card. To communicate with the server must be running on the receivers, a special software (called Soft-CAM). 

Card sharing is usually operated in a manageable group of people, but there are also some commercial vendors that offer this "service" fee. The necessary data is delivered over the Internet to the receiver. The attacked service had offered different packages, which were priced between 50 and 100 euros per year. 

In H this e-mail explaining the alleged hacker, security gaps that the software used by the store owner osCommerce 2.2 RC2 had exploited to run PHP code on an unsecured upload feature in the admin panel to upload and execute. This has succeeded to create a new administrator account and save all data in the shops.Moreover, when analyzing the vhost accounts had noticed that all access to the sharing system without safety precautions could be achieved via HTTP. Among these data are the DynDNS hostnames and passwords for all customers who need server software to connect with the clients. 

The imaged data were stored in a file hosting services. Actually contain the relevant files including real names, addresses, email addresses and names from DynDNS accounts of alleged customers from Germany and neighboring countries. Also can read about how the benefits were paid. As expected, in many records, but also fantasy information. 

According to the alleged hacker of the operator of the shop as well as hosting a busy (and now also no longer accessible) boards had occurred. This should have been mainly the development of "open source CAM" (OSCam) driven, which can be used for card sharing. In the attack went according to the authors of the mail to H, therefore, primarily concerned that the project OSCam of the Board "adopted and thus retains its good reputation." In addition, you no longer want to have to tolerate that the operator "earned at the expense of our favorite television a fortune." The mail ends with an indirect threat against further commercial card-sharing providers.