Imperva has uncovered a hacker selling access to US government, military and education websites on the cheap.
According to security firm Imperva, the hacker gained access to the websites by using the SQL injection technique.
“The victims' vulnerabilities were probably obtained by SQL injection vulnerability automatic scanner and exploited in automatic manner, as the hacker published his methods in a post in some hacker forum,” the company explained.
The unknown hacker is offering access to US and European government, military and education sites for anything between $55 to $499. Access to the US Army and National Guard websites is up for sale for around $499 each, while those belonging to the US Department of Defense are accessible for $399 per site.
The hacker is also offering whole databases of personal user data, complete with names, telephone numbers and addresses, for as low as $20 per 1,000 names. Other services include a $2 full website vulnerabilities scan, hacking of a 'normal' website for $10, hacking of a 'high-profile' site for $10+ and 3MB of information taken from random hacked user accounts for $65.