Thailand’s largest 4G mobile operator TrueMove H encounters AWS S3 bucket data leakage

According to securityaffairs report on April 15, the largest 4G mobile operator in Thailand, TrueMove H, recently suffered a data leak. An operator disclosed a total of 46,000 data of 32 GB in the AWS S3 bucket on the Internet, including identity information. , passports, driver’s licenses and other data. According to a statement issued by TrueMove H, its subsidiary, I True Mart, has suffered the impact of this leak.

Security researcher Niall Merrigan revealed that tools such as bucket stream and bucket-finder allow scanning the Internet to open S3 AWS buckers. For example, this event used Merrigan to use the “bucket-finder” tool to discover S3 buckets that open TrueMove H. Merrigan stated that he had informed TrueMove H of this issue, but the operator did not respond.

“The output from bucket-finder showed several issues such as config files, source code and other potential information disclosures. Bucket finder only gets the top 1000 files via the AWS S3 API. To simplify things, I loaded the results into a small SQL database for analysis. I found all the sites that had 1000 files and did a quick visual scan to see what they contained and if there was a way to identify the owner if the need arose.”

Source: Security Affairs

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal

Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy

Written by

@DdoS · Security Researcher

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.