Gemotest Data Breach Case: Investigation and Aftermath

A recent court case centers on a high-profile cyber incident at the private laboratory network Gemotest. In 2022, an intrusion led to the exposure of sensitive customer data, with roughly 300 gigabytes published publicly. The responsible party was sentenced to 1.5 years of restricted freedom, according to a report from the Telegram channel Baza. [Baza]

The man behind the breach was identified as the son of Fuad Alekperov. He reportedly breached the system through a remote corporate television site, exploiting a prebuilt web shell. This tool allowed remote server management, and it was accessed using the administrator credentials tied to the corporate television presenter. [Baza]

According to the outlet, a vulnerability in the server software enabled a malicious script, disguised as a video file, to be downloaded and executed. The attacker managed to obtain an administrator account through unclear means, with details kept undisclosed by Baza. [Baza]
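A defensive illustration of the upload path described above, added here and not taken from Baza's report or Gemotest's systems: it checks that a file with a video extension carries a matching container signature and no server-side script markers. The extension map, marker list and function names are assumptions, since the report does not name the server software or the script language.

```python
# Added example: upload validation for a media server (hypothetical names).
# Heuristic only; markers and extensions below are assumptions.
EXPECTED = {".mp4": "iso-bmff", ".m4v": "iso-bmff", ".mov": "iso-bmff",
            ".webm": "ebml", ".mkv": "ebml", ".avi": "avi"}
SCRIPT_EXTS = {"php", "phtml", "jsp", "jspx", "asp", "aspx", "cgi", "sh"}
SCRIPT_MARKERS = (b"<?php", b"<%@", b"<script")


def container_of(head: bytes):
    """Return the container family indicated by the magic bytes, or None."""
    if len(head) >= 12 and head[4:8] == b"ftyp":
        return "iso-bmff"                      # MP4 / M4V / modern MOV
    if head.startswith(b"\x1a\x45\xdf\xa3"):
        return "ebml"                          # WebM / Matroska
    if head.startswith(b"RIFF") and head[8:12] == b"AVI ":
        return "avi"
    return None


def check_upload(filename: str, data: bytes) -> list[str]:
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    parts = filename.lower().split(".")
    ext = "." + parts[-1] if len(parts) > 1 else ""
    if ext not in EXPECTED:
        findings.append("extension-not-allowed")
    elif container_of(data[:16]) != EXPECTED[ext]:
        findings.append("magic-mismatch")      # content is not what the name claims
    # Names like clip.php.mp4 may be executed by a misconfigured handler.
    if any(p in SCRIPT_EXTS for p in parts[1:-1]):
        findings.append("inner-script-extension")
    # Valid magic bytes do not rule out a polyglot, so scan the body too.
    lowered = data.lower()
    if any(m in lowered for m in SCRIPT_MARKERS):
        findings.append("script-marker")
    return findings


# Constructed sample inputs (not from the incident).
MP4_OK = b"\x00\x00\x00\x18ftypisom" + b"\x00" * 32
DISGUISED = b"<?php /* constructed placeholder body */ ?>"
POLYGLOT = MP4_OK + b"<?php /* constructed placeholder body */ ?>"

if __name__ == "__main__":
    for name, blob in [("promo.mp4", MP4_OK), ("promo.mp4", DISGUISED),
                       ("clip.php.mp4", POLYGLOT)]:
        print(name, check_upload(name, blob) or "clean")
```

Content checks of this kind complement, and do not replace, storing uploads outside any directory where the server will execute them.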

Once inside, the hacker deployed several additional malicious services across the corporate network via the web shell. This access granted visibility into the server housing user data, which was stored alongside the television content. Interdepartmental barriers were not effectively enforced, allowing broad movement within the system. [Baza]

The case also points to prior attempts by hackers to harvest user information through Bluetooth channels, highlighting a broader pattern of data-targeting techniques observed by investigators. [Baza]
