Hacker steals 45 million accounts from hundreds of car, tech, sports forums

Discussion in 'Android News' started by Jeffrey, Jun 15, 2016.

  1. Jeffrey

    Jeffrey Premium Member
    Premium Member

    Joined:
    Jan 30, 2012
    Messages:
    6,692
    Likes Received:
    3,549
    Trophy Points:
    1,578
    Location:
    Thailand
    Ratings:
    +4,037
    Current Phone Model:
    iPhone 7 Plus JB
    The company that runs the forums admitted failings, but underplayed the hack.

    [​IMG]
    By Zack Whittaker for Zero Day | June 14, 2016 -- 18:00 GMT (02:00 GMT+08:00) | Topic: Security

    A hacker has stolen tens of millions of accounts from over a thousand popular forums, which host popular car, tech, and sports communities.

    The stolen database contains close to 45 million records from 1,100 websites and forums hosted by VerticalScope, a Toronto-based media company with dozens of major properties, including forums and sites run by AutoGuide.com, PetGuide.com, and TopHosts.com.

    The company didn't outright confirm the breach, but said it was investigating.

    "We are aware of the possible issue and our internal security team has been investigating and will be collecting information to provide to the appropriate law enforcement agencies," said Jerry Orban, vice-president of corporate development, in an email.

    He added:

    "We believe that any potential breach is limited to usernames, user IDs, email addresses, and encrypted passwords of our users. In addition, we are reviewing our security policies and practices and in response to increased Internet awareness of security-related incidents, including potential incidents on our communities, we are implementing security changes related to our forum password strength and password expiration policies across certain forum communities."

    But a further analysis of the leaked database, obtained by breach notification site LeakedSource.com, suggests that the scope of data may be greater than first thought.

    In a sample given to ZDNet, the database shows email addresses, passwords that were hashed and salted passwords with MD5 (an algorithm that nowadays is easy to crack), as well as a user's IP address (which in some cases can determine location), and the site that the record was taken from.

    LeakedSource confirmed the findings in a blog post, published Tuesday.

    The group said in its blog post that it was "likely that VerticalScope stored all of their data on interconnected or even the same servers as there is no other way to explain a theft on such a large scale."

    Despite a push in recent years for stronger encryption and fixing security flaws, the forums thought to be affected by the breach fell far behind industry security norms.

    A cursory search of the list of domains caught up in the hack revealed that none of the sites we checked offered basic HTTPS website encryption, which would prevent usernames and passwords from being intercepted.

    Many of the forums ran versions of vBulletin software dating back to 2007. Most were running software versions that were easily exploitable by hackers with known vulnerabilities. Ablog post from security reporter Brian Krebs from 2013 showed that older versions of the vBulletin forums that were vulnerable could be easily searched with readily-available attack tools.

    It's not clear who carried out the hack. A LeakedSource group member said it was "not related" to the recent hacks againstMySpace, LinkedIn, and Tumblr.

    As of Tuesday, the company has not made any public statement in relation to the hack.

    Unlike in other recent other breaches, this data does not appear to be for sale on the dark web -- for now.

    Word to the wise.. Change our passwords every month.. Better safe than sorry..
     
    • Like Like x 1
  2. leeshor

    leeshor Gold Member

    Joined:
    Jan 30, 2012
    Messages:
    4,363
    Likes Received:
    1,437
    Trophy Points:
    358
    Location:
    Norcross, GA - USA
    Ratings:
    +1,676
    YIKES!
     
    • Like Like x 1
  3. Sydman

    Sydman Premium Member
    Rescue Squad Premium Member

    Joined:
    Jul 18, 2010
    Messages:
    3,871
    Likes Received:
    609
    Trophy Points:
    243
    Location:
    Austin, Tx
    Ratings:
    +678
    Current Phone Model:
    Nexus 6P
    Ah, that explains it. Got an email yesterday out of the blue from a Dodge Challenger forum I was apart of saying my password has been reset. Dern Hackers!
     
    • Like Like x 1
  4. Efin

    Efin Diamond Member

    Joined:
    Apr 19, 2014
    Messages:
    5,714
    Likes Received:
    3,415
    Trophy Points:
    1,563
    Ratings:
    +3,652
    Same here, Ford Diesel Forum, hope forum foundry is solid.
     
  5. Mustang02

    Mustang02 Diamond Member

    Joined:
    Aug 8, 2010
    Messages:
    7,627
    Likes Received:
    5,116
    Trophy Points:
    1,563
    Location:
    Ohio
    Ratings:
    +6,074
    Current Phone Model:
    Nexus 6P/5X
    Df isn't using vbulletin. They are on xenforo.
     
    • Agree Agree x 1
  6. Efin

    Efin Diamond Member

    Joined:
    Apr 19, 2014
    Messages:
    5,714
    Likes Received:
    3,415
    Trophy Points:
    1,563
    Ratings:
    +3,652
    That's good, I think more than one I'm on is using vbulletin
     
  7. cr6

    cr6 Super Moderator
    Staff Member

    Joined:
    Apr 1, 2011
    Messages:
    8,356
    Likes Received:
    5,878
    Trophy Points:
    1,778
    Location:
    NW Rocky Mtn region
    Ratings:
    +6,708
    Current Phone Model:
    Galaxy S7 Edge
    Twitter:
    @dronewolfmedia
    Correct. There are quite a few older sister sites on vBulletin.

    S5 tap'n
     
    • Agree Agree x 1
  8. Mustang02

    Mustang02 Diamond Member

    Joined:
    Aug 8, 2010
    Messages:
    7,627
    Likes Received:
    5,116
    Trophy Points:
    1,563
    Location:
    Ohio
    Ratings:
    +6,074
    Current Phone Model:
    Nexus 6P/5X
    I'm on a ton of sites. Most are xenforo. If they steal my password, it's not the end of the world.
     
    • Like Like x 1