The famous canned energy drink maker, Red Bull’s website was hacked recently by a group of hackers. While no changes and replacements were made on the main page of the website, there is an addition of a few pages which weren’t there before. One of the added pages says “Hacked by Prosox” which is followed by a link to the hacker’s Twitter handle “twitter.com/ProsoxW3b”. The pages seem to have been created by the hackers.
The name Prosox was quite in limelight a few days ago as they along with a few other hackers were responsible for hacking the famous Youtube Channel, Vevo. The titles of popular music videos were changed and the most popular videos like Despacito were taken down. No comments were made regarding the issue; however, the videos were restored to their original state in just a day.
According to thehackpost.com, around 30 Redbull subdomains got affected by this hack. Upon investigation, it was concluded that a CMS script was used and the hack was deployed using Drupal.
Interestingly, the latest Drupal remote execution code, which was released just a few days ago, was used to make this hack. This shows how advanced these hackers are at exploiting new technology.
The website got hacked one more time by another hacker, under the name Shade. This hacker edited a page and added a message suggesting he was behind the hack.
The site showed a new page named “adminer.php” followed by the site’s link. The page at that time read “Hacked by Shade”. After being around for few hours, both the pages have been removed. The hacked page has been archived and placed on Zone-H’s website by the hacker.
While Redbull was able to get control again, it is not sure if any data was leaked. It’s still a question if the Drupal exploit was patched or not.