Online Transaction Company Payza’ Blog Hacked by MadleetsPayzaPayza’s response
Payza
Payza (formerly AlertPay) is an Internet payment system similar to Paypal. It allows users to transfer money between accounts by using email addresses for a fee. Payza is particularly popular amongst its users because it allows Bitcoin transfers in addition to other world currencies. According to Hackread, the hack attack involved two members of Madleets team, MindCracker and H3ll D who in conversation with Hackeread said that they had access to usernames, emails and passwords of Payza users. In the meantime Madleets member, MindCracker also announced the hack on their official web forum and Twitter
— MindCracker (@MindCrackerKhan) December 19, 2014
The deface page which has since been taken down showed a message for Madleets along with screenshot showing clear-text passwords of registered Payza users.
MindCracker has noted that Madleets hacking of Payza blog was primarily to bring the vulnerabilities in the website to Payza admin’s notice and they did not plan to leak the user details. Payza has tweeted that the user details of Payza blog are not connected to the financial vertical of Payza. in reply to a tweeter’s query.
— Payza (@Payzaofficial) December 19, 2014
Payza’s response
However Techworm contacted Payza to know if the credentials shown in the deface page were associated with them was leaked and why one another subdomain dev.payza.com/ was down. payza replied that there initial investigation shows that the alleged credentials are not associated with any of the Payza’s financial service, but investigation is still going on and these are currently down to perform maintenance
— Payza (@Payzaofficial) December 19, 2014
— Payza (@Payzaofficial) December 19, 2014 We are awaiting further updates from Payza.