Hackers attacked the Matrix: assault on Matrix.org servers

The non-commercial organization Matrix.org fell victim to a cyberattack that forced it to rebuild its entire organizational structure and notify users about data leaks.

Matrix.org is the developer of an open standard for real-time communication over IP, used for exchanging messages and files and for voice and video calls. Platforms that use this standard include Riot, WeeChat, Nheko, Quaternion, etc.

On Thursday, April 11, representatives of the organization reported that cybercriminals had gained access to its servers. The intruders got into production databases, which allowed them to steal unencrypted information from messages, password hashes and authorization tokens.

After the attack, Matrix.org could not restore its service for several hours and had to rebuild its infrastructure from scratch. The incident affected sites, databases, media repositories, etc.; however, the Modular.im servers, source code and packages were not affected.

The cyberattack was possible due to vulnerabilities in an outdated version of the Jenkins server. Using CVE-2019-1003000, CVE-2019-1003001 and CVE-2019-1003002, the cybercriminals stole internal SSH keys and used them to gain access to the infrastructure.

Jaikey Sarraff, a security researcher, informed Matrix.org about the vulnerabilities on April 9. The next day, the organization's engineers located them and established the full scale of the attack. On April 10, the Jenkins server that was the source of the problem was removed, and the criminals lost access to the database.

Within 24 hours, Matrix.org brought its main server back up and started rebuilding its infrastructure. All Matrix.org users were "kicked off" their accounts, and the organization asked them to change their passwords.

Source: matrix.org/blog


About Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.
