Angling (re)Direct: Criminals net website of Brit fishing tackle retailer, send users straight to smut site

We've signed everyone up for PornHub Premium, crow immature attackers


Miscreants have hijacked the systems of Angling Direct, diverting traffic from its websites to Pornhub and threatening to wipe its internal data.

The London Stock Exchange-listed retailer of fishing tackle products and equipment said it is "currently managing a cyber security incident after detecting unauthorised activity on its network late on Friday 5 November."

It further told the City this morning:

"This unauthorised activity shut down the Company's websites and these remain inactive. Some of the Company's social media accounts have also been compromised. The Board has appointed external cyber security specialists whose investigations are underway to establish what happened. Work continues round the clock to bring the websites back online while our 39 retail stores across the UK have remained open and continue to trade."

The statement says Angling Direct has contacted the law enforcement agencies and the UK's data watchdog, the Information Commissioner's Office.

It continued:

"We are mindful of our obligations regarding data; it is too soon yet to make any determination around the impact this incident has had on personal data, but we will inform any individuals in line with our regulatory obligations should there be a need to do so. Importantly, the Company does not hold any customer financial data as our website transactions are handled by third parties.

"As matters currently stand, the Board does not anticipate that this incident will have a detrimental impact on underlying trading and the Company will continue to assess any cost exposure that this incident may create. The Board will provide a further update as and when appropriate and apologises for any disruption that has been caused to customers by this incident."

We have asked the company to comment further. The oddness showed up on Angling Direct's Twitter feed last night at 22:43 UTC when an individual tweeting from the corporate Twitter account claimed the site had been "sold" to MindGeek, the company that bought PornHub in 2010, and that the fishing-tackle retailer's customers (or perhaps its owners, it wasn't clear) would be able to make use of a "premium" PornHub subscription the miscreants had signed up for using an Angling Direct email addy.

Twitter detectives quickly began to speculate that Angling Direct might have used the same password for Twitter as it did for its other systems, and that the passwords were not protected by multi-factor authentication.

In a note to Angling Direct's admins, the criminal/s, referring to themselves as MASTER, said they could be contacted at hackercontact@anglingdirect.co.uk.

"We will return the information and access to you. Otherwise we will automatically remove [SIC] from our system in 31 days," the tweet from last night added.

In addition to its 39 brick-and-mortar stores that sell all manner of fishing paraphernalia, Angling Direct had 7.4 million people visit its UK website in its fiscal 2021. It runs another three stores in France, Germany and the Netherlands.

The business turned over £67.6m in its fiscal '21, up 27.1 per cent on the prior year. Online sales shot up 39.9 per cent year-on-year to £35.3m, with international accounting for 12.4 per cent. Profit before tax was £2.6m versus a pre-tax loss of £1.5m.

According to a source, the whole domain is currently directing 30,000 people a day to PornHub. Google appears to have indexed the redirect and searches for the brand name warn visitors of adult content.

"Apart from sales lost during the hack while the site is down, the loss in consumer trust and the potential for customer data breaches, there is the additional cost of the site potentially losing some of its ranking in Google long term, which would also negatively impact sales," our source said.

The Reg's in-house double entendre generator exploded this morning when we fed Angling Direct, PornHub, tackle, and rods into the system. While the situation for Angling Direct is not funny, we couldn't resist quoting one reader who contacted us.

"Angling Direct or should that now be called 'Dangling Erect' suffered a DNS redirect... Online level of innuendo is amazing - this was not the sort of rod I was after? And look at the size of that tackle box." ®

