Vulnerability Disclosure 2020/09/17

PINE64 (both the business and the community around it) prides itself on transparency. Often, this transparency is used to give you a behind-the-scenes look into our operations.
 
But today, we’re afraid we must be transparent about something else.
 
As of approximately 4:30am GMT on 2020/09/17, we discovered an intrusion into our Pine Store web instance. This took the form of spam/scam pages hidden on our web server, with scripting to only be visible to crawler bots. After discovering this, we immediately shut down the web server and began an investigation.
 
To our knowledge, this happened via an exploit in one of the WordPress plugins on the Pine Store, with initial attempts logged as early as 2020/09/05. It appears this was not an active malicious attack on our server, but merely automated bots tasked with placing scam store pages.
 
Needless to say, we remedied the situation and took extensive steps to prevent similar incidents from occurring in the future.
 
Due to the nature of the attacks we’ve reviewed, we do not suspect that customer information was a target, nor do we expect that any was exfiltrated. We can guarantee that, without a doubt, no credit card or other financial information was placed at any risk of being exposed.
 
We hope that this event does not damage your trust in us beyond repair, as we work to recover from this event.

 

See also the post at pine64.org
