Construction Sector At Risk As Hackers Exploit FOUNDATION Software

Image byBilly Freeman, from Unsplash

Construction Sector At Risk As Hackers Exploit FOUNDATION Software

Reading time: 2 min

  • Kiara Fabbri

    Written by: Kiara Fabbri Multimedia Journalist

  • Justyn Newman

    Fact-Checked by Justyn Newman Lead Cybersecurity Editor

In a Rush? Here are the Quick Facts!

  • Hackers exploit default passwords in software typically used by the construction industry
  • Public database access through the mobile app creates risks.
  • Huntress suggests immediate password changes and security fixes.

Security researchers at Huntress announced today that they discovered a hacking campaign targeting companies using FOUNDATION Accounting Software, a popular program in the construction industry.

The hackers are taking advantage of a simple weakness: many companies haven’t changed the default passwords that come with the software.

Normally, databases like the one used by FOUNDATION Accounting Software are kept private and protected by a firewall or VPN.

However, FOUNDATION’s mobile app feature allows for public access to the database through a specific TCP port. This makes the database more vulnerable to attacks.

Once inside, the attackers can take control of the system and run harmful commands that allow them to steal information or cause damage.

Huntress observed that the attack was automated, hitting multiple companies in just a few minutes. In one case, attackers made over 35,000 attempts before finally getting access.

To protect against this threat, Huntress recommends that all companies using FOUNDATION immediately change the default passwords, avoid exposing the software to the public internet, and disable certain risky features that hackers can exploit.

The researchers reported that they initially identified the malicious activity targeting Foundation last week.

Huntress has already taken action by isolating affected machines and notifying customers who may be at risk. Although the vulnerability is a serious concern, taking these security measures can prevent further attacks.

FOUNDATION did not respond to Recorded Future News‘ (RFN) request for comment by the time of publication on Tuesday.

While the extent of the damage caused by these attacks remains unclear, as noted by the RFN, it is crucial for affected companies to investigate and take appropriate steps to mitigate any potential harm.

Did you like this article? Rate it!
I hated it I don't really like it It was ok Pretty good! Loved it!
5.00 Voted by 1 users
Title
Comment
Thanks for your feedback
Please wait 5 minutes before posting another comment.
Comment sent for approval.

Leave a Comment

Show more...