Micah Lee 🫡

@micahflee ↗

Deleted No

Hibernated No

Last Checked April 3, 2023

Created

Thu Aug 25 17:42:50 +0000 2022

Likes

Retweets

Source

Twitter Web App

View Raw Data

JSON Data

View on Twitter

Likely Available

Micah Lee 🫡 @micahflee

The hacker first discovered that if you ask LC's API would information about users, it would give you the user hashes. And they found an admin user (who works for WMTEK) with the password "Password1". From there they found an RCE that let the dump the whole database https://t.co/QMKFrzAQ9E — PolitiTweet.org

Posted Aug. 25, 2022

Preceded By

Micah Lee 🫡 @micahflee

LC's website is based on software called SiteStacker, developed by WMTEK, a company that builds software exclusively for Christian nonprofits. WMTEK claims that 33% of Christian mission agencies use Site Stacker -- all of these are in the hacked data — PolitiTweet.org

Posted Aug. 25, 2022

Followed By

Micah Lee 🫡 @micahflee

Since all of WMTEK's clients ran the same vulnerable SiteStacker code, the hacker went ahead and hacked them all as well. I added up the financial transactions for all of the hacked orgs (over 90 of them): over $748 million has flowed through these Christian groups since 2015 — PolitiTweet.org

Posted Aug. 25, 2022