Had an aggressive attack against a form page - person using Acutenix

6 posts by 5 authors in: Forums > CMS Builder
Last Post: October 18, 2019

By Codee - October 16, 2019

A client's form page (takes info/inserts into db) was aggressively attacked and I suspect they were able to get some information from the form submission...somehow. All 22,577 attempts (yes...22 thousand new database records added). Every single one of the order attempts had code, or just name, of "Acutenix"...which was in either the name or the company name fields. They tried different ways and means but all had the Acutenix tag somewhere in the record. I have seen, but never used or gone to, their site (in case they are hackers), but the descriptions within the search engine results reveal an "Acutenix Vulnerability Scanner" to test your site. I can't help but wonder if their site accumulates targets by virtue of their software. I just don't know enough right now...other than at least part of their attempts succeeded because information was compromised.

Has anyone here had experience with a like attempt?

Thank you in advance.

By gkornbluth - October 16, 2019

Wow!

Thankfully, no experience with this.

Sorry to hear about the attack.

Jerry Kornbluth

The first CMS Builder reference book is now available on-line!

Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php

By diversified - October 17, 2019

I have never experienced an attack by that company but I have seen other attacks of similar nature.

Do you use any form of CAPTCHA such as from Google?  If not, I suggest doing so.  That tends to cut down on the Spam.

You could also edit the form code to limit the number of submissions by WAN IP; however, true hackers will be able to spoof their IP or use compromised computers to hit your form.

You could adjust your submission code to check to see if the same or similar values are being entered into the fields before actually passing to the database.  In my experience the robot tends to paste the same value into most of the form fields.
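
The two server-side checks suggested in the post above (a per-IP submission limit and a test for one value pasted into most fields), as an added example that is not part of the original post and is not CMS Builder code. It assumes a PHP form handler; the function names, thresholds, in-memory log and sample submissions are all constructed for illustration.

```php
<?php
// Added example. All names and thresholds here are assumptions, not a CMS Builder API.
// In a real handler the IP would come from $_SERVER['REMOTE_ADDR'] and $log would
// live in a database table or cache rather than a PHP array.

/** True when one non-empty value fills at least $ratio of the submitted fields. */
function looksPastedAcrossFields(array $fields, float $ratio = 0.6): bool
{
    $values = [];
    foreach ($fields as $v) {
        $v = strtolower(trim((string) $v));
        if ($v !== '') { $values[] = $v; }
    }
    if (count($values) < 3) { return false; }   // too few fields to judge
    return max(array_count_values($values)) / count($values) >= $ratio;
}

/** Sliding window: at most $max submissions per $window seconds for each IP. */
function allowSubmission(array &$log, string $ip, int $now, int $max = 5, int $window = 600): bool
{
    $recent = array_values(array_filter($log[$ip] ?? [], function ($t) use ($now, $window) {
        return $t > $now - $window;             // keep only timestamps inside the window
    }));
    $allowed = count($recent) < $max;
    if ($allowed) { $recent[] = $now; }
    $log[$ip] = $recent;
    return $allowed;
}

/** Run both checks before the INSERT; returns 'ok' or the reason for rejection. */
function screenSubmission(array &$log, string $ip, array $fields, int $now): string
{
    if (!allowSubmission($log, $ip, $now)) { return 'rate_limited'; }
    if (looksPastedAcrossFields($fields)) { return 'repeated_values'; }
    return 'ok';
}

// Constructed sample submissions (documentation-range IPs, made-up field values).
$log   = [];
$bot   = ['name' => 'probe-1', 'company' => 'probe-1', 'phone' => 'probe-1', 'notes' => 'hello'];
$human = ['name' => 'Ann Lee', 'company' => 'Lee Ltd', 'phone' => '555-0100', 'notes' => 'Call me'];

echo screenSubmission($log, '203.0.113.7', $bot, 1000), "\n";
echo screenSubmission($log, '198.51.100.9', $human, 1000), "\n";
for ($i = 0; $i < 6; $i++) {
    $last = screenSubmission($log, '198.51.100.9', $human, 1001 + $i);
}
echo $last, "\n";   // result of the seventh submission from the same IP within the window
```

The repeated-value check does not depend on the source address, so it still applies when submissions arrive from many IPs.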

By gkornbluth - October 17, 2019

Hey Chris, 

If you need it, there are a number of recipes on how to implement Google's Captcha in my CMSB Cookbook. http://www.thecmsbcookbook.com

Hope it helps.

Jerry Kornbluth

By daniel - October 18, 2019

Hi Equinox,

I'm sorry to hear you experienced such an attack. There's unfortunately not much that can be done to reverse something like this, but going forward I can also recommend using a CAPTCHA as an effective method to cut down on similar automated attacks in the future.

I did have a look at Acunetix and they appear to be a legitimate security company that helps websites locate and fix technical vulnerabilities. However, it's theoretically possible for these sorts of vulnerability scanning tools to be obtained by 3rd parties for malicious use, which looks like it may have been done here.

Best of luck, and let us know if there's anything we can do to help support you.

Daniel
Technical Lead
interactivetools.com