Recently, a Korean hacking group revealed that they have now hacked into the Indian AI-driven chatbot platform named SmatSuite and obtained complete access to their domains, customer documents, database backup, and the AWS console access, Quickcyber has learned.
On June 7, 2020, the hacking group contacted Quickcyber to share the information related to this hack that contained two of the SmatSuite domains compromise – smatsuite(dot)com and smatbot(dot)com and theft of the SmatSuite’s customer data.
The AI-based SaaS platform is run by a Hyderabad-based company named FeSo Social Media Private Limited.
SmatSuite has two AI products – SmatBot (A chatbot for websites, messenger for lead generation, etc.) and SmatSocial (An assistant for SMM automation).
The hacking group told Quickcyber that they have access to the SmatSuite’s domain registrar account, source code backups with repositories of more than 30GB with customer documents, more than 20 GB of database backup, and admin access to the company’s Google and AWS (Amazon Web Services) accounts.
As you can see in the above image, It seemed that the hacked Gmail account displayed customer information of the SmatBot subscribers.
Further, the hackers have also shared a few more POC screenshots with us supporting the claim for this hack:
At the time of writing this article, both the websites smatsuite(dot) and smatbot(dot)com were recovered and running fine.
We have informed the company about this SmatSuite breach and awaiting a response from them.
We’ll update the article as soon as we receive anything from the SmatSuite Team.
This hack seemed to be an another hacking attempt made by the Korean hackers following the last week’s ZEE5.com hack where hackers demanded 10 Ethereum from ZEE5.
“We are security experts from Korea, We will find bugs and report to the clients if they do not respond we try to make money, We have hacked more 50 Big websites we never sold anything,” the threat actors told BleepingComputer this week.