Feeds

Moshtix admin account popped by party-pooper hipster-hating hacker

422 big spenders thought huge $1,000 festival fees were par for the course

Choosing a cloud hosting partner with confidence

Skiddies logged into a staff account of Aussie ticketing outlet Moshtix and caused havoc for fans snapping up tix.

Punters who were in line for $355 pre-sale tickets for the hippy hipster-favoured Splendour in the Grass festival in Byron Bay had a rude shock when their online checkout totals were up to 1,000 per cent more expensive than expected.

Hackers had set ticket prices and credit card fees to the tune of thousands of dollars, forcing scores of would-be partygoers to either cough up and pay, or miss out.

Moshtix refunded money to 422 people, who paid the exorbitant fees (those set by the miscreants, rather than the organisers), and issued more tickets for the sold-out fest.

Boss Harley Evans said his biz did not know how the credentials for the compromised admin account, set up specifically for the hipster event, were obtained, but said the breach was not due to software bugs being exploited.

"The unauthorised access was limited to the front-end area of our system that controls event configuration information for the Splendour in The Grass event (such as ticket prices, ticket fees, [and] event info for the website)," Evans wrote in an advisory.

"Our view is that it appears from the actions that the intention was to create confusion and concern and damage the Moshtix brand."

Moshtix has informed state cops, and intends to pursue the hackers "to the fullest extent possible". Evans apologised for the hippy-hating hack, and said punters should keep an eye out for fresh tickets for the festival on the site. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.