Equifax is a US Based consumer credit reporting agency with more than 800 million business worldwide. Recently Equifax has suffered a massive data breach that has left the data of more that 150 million users in the hand of hackers.
So How the hackers managed to hack into Equifax ?
As per the statement released by Equifax, hackers exploited a vulnerability named Apache Struts Remote Code Execution (CVE-2017-5638) to hack into the servers of Equifax, which resulted in this massive data breach. The vulnerability was a web software bug which was patched by the developers in March 2017. Equifax failed to apply the patch released for that particular vulnerability on time.
What is Apache Struts (CVE-2017-5638) Vulnerability ?
Apache struts is a open source web development frame work, which is used to create java based web application. The vulnerability affects the struts plug-in which handles the Requests to the server. Exploiting this issue requires sending a post request with a specially crafted XML data to a host running the vulnerable Apache Struts framework. The metaexploit module for Apache Struts exploitation is :
Upon successful exploitation the hackers will get a remote access to the victim server.
All versions of Apache Struts since 2008 (Struts 2.1.2 – Struts 2.3.33, Struts 2.5 – Struts 2.5.12) are affected, making it a 9 year old vulnerability. Apache released the patch for this vulnerability on March 7 and despite of warning’s Equifax failed to apply the patch.
How to protect ourself from the impacts of Equifax Hack ?
- Change your password
- Monitor account activities
- Freeze your account for a while (If Possible)