Loading ...It seems that the unethical hacker community is not going to stop its activities. Now the latest target of hacking seems to be the multinationals. According to recent news, the developer community website of Nokia has been hacked by some unidentified source. Nokia has shut down its developer community website after that. This is a temporary and preventive move as the developer discussion forum of the company has been hacked. The hackers have hacked a database that contains e-mail addresses and some user IDs, for services such as Yahoo!, Skype, MSN, AIM and ICQ, of the forum members. Fortunately, this database does not contain any passwords or other sensitive details of the forum members.
According to Nokia, there was a weakness in the bulletin board that couldn’t resist an SQL injection attack. Such attacks happen in cases where the user info in the application database layer is not escape characters filtered and is passed into an SQL statement. This may also happen if user supplied field is not strongly checked for type constraints, and thus gets compromised in unexpected situations.
The team behind the developer community website has stated, “Initially we thought that just a portion of records of these forum members had been accessed, but when looked in detail it has been discovered that the actual number is extensively larger,”.
However, there has been no disclosure by Nokia regarding the exact number of records, which were accessed by these hackers. Nokia has also mentioned that it is still not clear if the stolen data has been misused as such yet. The company has already set up a team that has been assigned to conduct further investigation and security assessments of all the company’s websites, forums and other online accounts.
