Nasdaq website hacked in 10 min

Sep 18, 2013
  • Email this page
  • Printer-friendly version
Tags:
nasdaq_2656804b.jpg

Washington: A top cybersecurity expert has revealed that the stock exchange Nasdaq.com’s security is so poor that it took him a mere 10 minutes to hack their systems.
Ilia Kolochenko, head of Swiss information security company High-Tech Bridge, said that despite his repeated warnings, the exchange has done nothing to fix the problem.
According to New York Daily News,  Kolochenko has claimed that a good hackers can get full access to Nasdaq.com in a couple of days with the ability to do almost whatever he wants, such as push an announcement that Facebook shares have dropped 90 per cent, which could cause havoc on the stock exchange.
The report said that recently the Nasdaq’s trading was halted because of an incident that the exchange called a ‘technical glitch’ but some computer experts said resembled the work of political hackers.
Kolochenko said that he inputted some code into the website’s script to see if it would be detected before displaying on the site, but it was not, which means that anyone could inject arbitrary HTML code into the site to display malicious information, seek credit card numbers, etc.
Meanwhile, spokesman for Nasdaq said that the exchange responded to Kolochenko’s discovery on September 4 adding that they take all security matters seriously and work with leading security experts to evaluate all credible threats across their digital assets.
The report added Kolochenko saying that an attacker would just send a unique web address in a private message to Nasdaq technical support or administrators, and with a single click could steal very sensitive information from the browser.   

Post new comment

<form action="/comment/reply/257477" accept-charset="UTF-8" method="post" id="comment-form"> <div><div class="form-item" id="edit-name-wrapper"> <label for="edit-name">Your name: <span class="form-required" title="This field is required.">*</span></label> <input type="text" maxlength="60" name="name" id="edit-name" size="30" value="Reader" class="form-text required" /> </div> <div class="form-item" id="edit-mail-wrapper"> <label for="edit-mail">E-Mail Address: <span class="form-required" title="This field is required.">*</span></label> <input type="text" maxlength="64" name="mail" id="edit-mail" size="30" value="" class="form-text required" /> <div class="description">The content of this field is kept private and will not be shown publicly.</div> </div> <div class="form-item" id="edit-comment-wrapper"> <label for="edit-comment">Comment: <span class="form-required" title="This field is required.">*</span></label> <textarea cols="60" rows="15" name="comment" id="edit-comment" class="form-textarea resizable required"></textarea> </div> <fieldset class=" collapsible collapsed"><legend>Input format</legend><div class="form-item" id="edit-format-1-wrapper"> <label class="option" for="edit-format-1"><input type="radio" id="edit-format-1" name="format" value="1" class="form-radio" /> Filtered HTML</label> <div class="description"><ul class="tips"><li>Web page addresses and e-mail addresses turn into links automatically.</li><li>Allowed HTML tags: &lt;a&gt; &lt;em&gt; &lt;strong&gt; &lt;cite&gt; &lt;code&gt; &lt;ul&gt; &lt;ol&gt; &lt;li&gt; &lt;dl&gt; &lt;dt&gt; &lt;dd&gt;</li><li>Lines and paragraphs break automatically.</li></ul></div> </div> <div class="form-item" id="edit-format-2-wrapper"> <label class="option" for="edit-format-2"><input type="radio" id="edit-format-2" name="format" value="2" checked="checked" class="form-radio" /> Full HTML</label> <div class="description"><ul class="tips"><li>Web page addresses and e-mail addresses turn into links automatically.</li><li>Lines and paragraphs break automatically.</li></ul></div> </div> </fieldset> <input type="hidden" name="form_build_id" id="form-df3fc419646042cf1fa67fe69a57a027" value="form-df3fc419646042cf1fa67fe69a57a027" /> <input type="hidden" name="form_id" id="edit-comment-form" value="comment_form" /> <fieldset class="captcha"><legend>CAPTCHA</legend><div class="description">This question is for testing whether you are a human visitor and to prevent automated spam submissions.</div><input type="hidden" name="captcha_sid" id="edit-captcha-sid" value="80510942" /> <input type="hidden" name="captcha_response" id="edit-captcha-response" value="NLPCaptcha" /> <div class="form-item"> <div id="nlpcaptcha_ajax_api_container"><script type="text/javascript"> var NLPOptions = {key:'c4823cf77a2526b0fba265e2af75c1b5'};</script><script type="text/javascript" src="http://call.nlpcaptcha.in/js/captcha.js" ></script></div> </div> </fieldset> <span class="btn-left"><span class="btn-right"><input type="submit" name="op" id="edit-submit" value="Save" class="form-submit" /></span></span> </div></form>

No Articles Found

No Articles Found

No Articles Found

I want to begin with a little story that was told to me by a leading executive at Aptech. He was exercising in a gym with a lot of younger people.

Shekhar Kapur’s Bandit Queen didn’t make the cut. Neither did Shaji Karun’s Piravi, which bagged 31 international awards.

Horoscope