In the past few weeks, FriendFinder Networks has had a number of major data breaches that resulted in over 412 million user accounts exposed.
FriendFinder Networks owns AdultFriendFinder, Cams.com, Penthouse, Stripshow and iCams.com all which suffered breaches but AdultFriendFinder suffered the worst with over 300 million accounts leaked.
“Over the past several weeks, FriendFinder has received a number of reports regarding potential security vulnerabilities from a variety of sources,” Diana Ballou, FriendFinder vice president and senior counsel, told ZDNet which is a sister site of cnet.com. “While a number of these claims proved to be false extortion attempts, we did identify and fix a vulnerability that was related to the ability to access source code through an injection vulnerability.”
The breach was a result of a local file inclusion exploit according to LeakedSource who also said the exposed information was not going to be made publicly available. Also according to LeakedSource FriendFinder used a number of bad security practices such as passwords stored in plaintext or hashed using SHA1 which is notoriously easy to crack. They also still had account information for deleted user accounts and sites they no longer ran such as Penthouse.com which is now owned by Penthouse Global Media.
This is the second time the AdultFriendFinder site has been hacked in two years with the last leaking 3.5 million account in May of 2015 according to LeakedSource.
FriendFinder Networks hack reportedly exposed over 412 million accounts
Last year security researchers had gotten access to Linux operating systems by using a design flaw in the memory storage to get higher kernel privileges on the system. Now for the first time with dynamic random access memory exploit called Rowhammer, which was already known about but not implemented on a mobile device, hackers will be able to gain “root” access to many android phones.
VUSec Lab at Vrije Universiteit Amsterdam was able to gain access for the first time using the Rowhammer exploit. The exploit works by “executing a malicious application that repeatedly accesses the same “row” of transistors on a memory chip in a tiny fraction of a second in a process called Hammering.” This can disturb a neighboring row causing energy to leak into more rows which causes a bit to flip. Bit flipping allows anyone to change the contents of memory in an operating system.
Drammer has no quick fix so it could become a very big problem for android phone users. They were able to gain access to many phones but none of the newer phones they only got up to the s5 for Samsung’s Galaxy model. The way they were able to access the phones was using something called ION in the android phones DRAM memory. Once the malicious app is downloaded within minutes it will have root access to your phone.
Just a few days ago, Dr Sergei Skorobogatov, who works at the University of Cambridge laboratory, was able to develop a method to crack an unknown pin code on an iPhone 5c. He did it by removing the Nand chip, which is the main memory of the phone, studying how it communicated with the phone and successfully cloning it.
The purpose of this is to allow for an unlimited number of passcode attempts as usually an iPhone will lock up after a few incorrect tries. This directly contradicts a claim by the FBI that this method (called Name mirroring) would not work during the time they were attempting to access San Bernardino gunman Syed Rizwan Farook’s iPhone 5c.
Dr Skorobogatov made a YouTube video demonstrating his method of removing and replacing the Nand chip and the successful reset of the passcode lockout counter.
Using this method, he was able to crack a 4 digit code in about 40 hours and a 6 digit code could take hundreds of hours. In order to crack newer phones, Dr Skorobogatov said more information was needed about how Apple stored data in memory and he would need a more sophisticated set-up to extract the memory chip.
Apple has not responded to this yet.
Link to original article: http://www.bbc.com/news/technology-37407047
The hacking group OurMine carried out another cyberattack on September 3, 2016. This time it was on the news publication, Variety. In addition to that, the hackers also targeted the readers by bombarding their emails with spam stating that it’s just testing its security. Along with that message, a link was provided to the website ourmine.org and a video; although it does not state what the content was and has been removed. Variety quickly responded to subscribers saying that they are working to resolve the unauthorized communications, and to ignore and delete the messages.
What’s interesting is that OurMine isn’t out to steal data or take down websites. The group states that their purpose is to make “bigwigs in the industry aware of their security flaws by hacking them.” Variety also states that OurMine doesn’t shut down websites and abscond with data. The group positions itself as a cybersecurity group that raises awareness by hacking into prominent people and brands.
Along with Variety, OurMine has also hacked the Quora account of Google CEO Sundar Pichai, the Twitter account of Twitter CEO Jack Dorsey, and the Twitter and Pinterest accounts of Facebook CEO Mark Zuckerberg. They also claim to be the ones responsible for the distributed denial of service attacks on the servers of Pokemon Go in July.
Source: OurMine Strikes Again