Motherboard: Another Day, Another Hack #2

Quite literally, everyday someone gets hacked. Whether that’s a telecommunications company having its customer data stolen, or another chain of businesses being ripped for all the credit cards it processes, today one hack just seems to melt into another. I mean, the day just isn’t complete without a fresh leak of the personal info of ten or so million users.

It’s gotten to the point where there are just so many hacks, that you may have become desensitized to the sheer amount of data that has been pilfered away from the servers of companies. One million user accounts here, 4 million hashed passwords there. The mundanity of everyday data breaches is taking its toll.

That’s why we’re launching this new format: Another Day, Another Hack. We’ll do short posts giving you what you need to know about the hack, so you can figure out whether your bank account, website logins or anything else might be at risk. Because, even if the hack might not be the most sophisticated, and as new data breaches fight for your attention, real people are still getting **** over somewhere, and should know about it.

10 Likes

#1

So here’s the first one in a series:

000Webhost is a Lithuania-based free hosting company. According to Forbes and Troy Hunt of security monitoring site haveibeenpwned.com, a database for 000Webhost containing over 13.5 million unencrypted usernames and passwords is on sale for $2,000.

Hunt and Forbes tested several of the leaked usernames to check if the leak was likely legitimate. But 000Webhost have since admitted to the breach, on the company’s Facebook page.

“We have witnessed a database breach on our main server,” the post reads, and claims that the company was breached because of an outdated piece of software.

000Webhost apparently reset its customers’ passwords, but failed to inform them. The company did not respond to Forbes’ requests for comment.

Forbes pointed out its site didn’t appear to take security all that seriously: the login page didn’t use any encryption, and the site itself was running some pretty out-of-date software.

A Twitter tipster also alerted Motherboard that 000Webhost appears to be leaking the contents of customer support tickets.

The lesson: for 000Webhosting, it’s that encryption of customer data is a necessity, not a luxury.

Another day, another hack.

6 Likes

Whenever I see media like this I always take the time to mention SAFE.
This article does not support comments. but I have emailed the author.

Articles like this along tweets, Facebook posts and videos are now a regular daily occurrence and I do my best to always comment, take part in the conversation and mention SAFE without spamming. Its a great free method for leveraging the interest and traffic off of these massive platforms.

1 Like

But SAFE is not impermeable to hacking, and I hope you do not claim it as such because that’s not the reality of cyber security or the SAFE network in general.

Surely there will be many exploits against apps to alter/read its database/DHT entries.

And some inexperienced developer will eventually leak their private key through one way or another, granting a malicious user access to update the app with their own malicious code, which is instantly updated across the network.

It changes the security climate for sure, but there’s still drawbacks in additional areas. Just keep in mind it’s not some impermeable piece of software.

Not at all. But in this case of the website was hosted on the SAFE network and all of its users were also on the network and instead of using a credit card but instead were paying with SAFE coin it would have been another story altogether.

The user (or an App Store) can prevent this by using a known good immutable version of the app from the network.

I’m not saying safe is foolproof, but you make it sound like there would be no defence against this, when SAFE makes even this kind of threat much easier to defend against. Just sayin’ :smile:

#2

Motherboard posted a new: Anotherday Day, Another hack:

Someone is selling an alleged list of 590,000 Comcast customers’ logins and passwords for $1,000 on a dark web forum, as first reported by CSO Online.

A Comcast spokesperson told Motherboard that the data does not come from a data breach, as “there is no evidence that our systems were breached.”

Though Comcast doesn’t know exactly where the data comes from, the spokesperson said that it was a case of harvesting credentials from other third party breaches, malware, phishing or other “external things that happen in the dark space,” the spokesperson said, likely referring to the dark web.

“This is kind what happens in the dark space, people’s information unfortunately gets compromised in a number of different ways, and then they try to sell it,” the Comcast spokesperson told Motherboard in a phone call on Monday.

The good news is that most of those accounts were either inactive or contained wrong or false information. Only 30 percent of them were active, according to Comcast, so less than 200,000. The other good news is that Comcast already reached out to them to help the users reset their passwords, according to the spokesperson.

It’s unclear how the seller got his or her hands on the data, but it’s likely this is data culled from other breaches occurred in the last few years, where users reuse the same password for many services.

The lesson: don’t reuse your passwords, and set two-factor authentication wherever you can so if your password does get compromised, hackers won’t be able to get in.

Another day, another hack.

Original article: http://motherboard.vice.com/read/another-day-another-hack-hundreds-of-thousands-of-comcast-passwords

2 Likes