Red Bull, the famous energy drink website is hacked by Prosox. The hacker managed to upload a hacked page with the file name “adminer.php” onto Red Bull’s 30 website subdomains.
According to the CMS script used on those 30 Red Bull’s subdomains, Drupal had been used on all hacked websites. It’s possible that the hacker Prosox may have used the latest remote code execution exploit in Drupal that was released just a few days ago to the public.
Here are the 30 Red Bull websites that are hacked by Prosox:-
- energydrink-au.redbull.com/adminer.php
- energydrink-be.redbull.com/adminer.php
- energydrink-tr.redbull.com/adminer.php
- energydrink-qa.redbull.com/adminer.php
- energydrink-sa.redbull.com/adminer.php
- energydrink-de.redbull.com/adminer.php
- energydrink-za.redbull.com/adminer.php
- energydrink-uk.redbull.com/adminer.php
- energydrink-es.redbull.com/adminer.php
- energydrink-at.redbull.com/adminer.php
- energydrink-mx.redbull.com/adminer.php
- energydrink-nz.redbull.com/adminer.php
- energydrink-nl.redbull.com/adminer.php
- energydrink-si.redbull.com/adminer.php
- energydrink-hk.redbull.com/adminer.php
- energydrink-cn.redbull.com/adminer.php
- energydrink-ru.redbull.com/adminer.php
- energydrink-tw.redbull.com/adminer.php
- energydrink-ro.redbull.com/adminer.php
- energydrink-dk.redbull.com/adminer.php
- energydrink-ie.redbull.com/adminer.php
- energydrink-no.redbull.com/adminer.php
- energydrink-in.redbull.com/adminer.php
- energydrink-hr.redbull.com/adminer.php
- energydrink-my.redbull.com/adminer.php
- energydrink-ar.redbull.com/adminer.php
- energydrink-us.redbull.com/adminer.php
- energydrink-it.redbull.com/adminer.php
- energydrink-jp.redbull.com/adminer.php
- energydrink-ca.redbull.com/adminer.php
The hacker had also archived the hack on Zone-H
Just 2 weeks ago, Prosox had hacked many celebrity YouTube channels by hacking into Vevo’s official YouTube account. The breach allowed the hackers to change titles of videos that had been watched by millions of users on YouTube. It had also forced Vevo do unpublish many YouTube videos, including the famous song named Despacito by Luis Fonsi.
As the story is still developing, we are to update this news article as soon as we get some updates from Red Bull regarding the breach.
Update:- The Red Bull website has been hacked again by another hacker claiming to be “Shade”. The hacker appears to have edited the “adminer.php” file and added a “Hacked By Shade” message.
Seems that the hackers are playing around with the Red Bull website. It’s unclear if Red Bull had saved any sensitive data on those servers. Surely, this proves that the servers are poorly secure.
Update:- Red Bull has just removed the pages uploaded by Prosox the hacker. However, it’s not known whether the Drupal vulnerability has been patched or not.
