Category Archives: buying stolen it data online

FBI charges Chinese national with distributing malware used in OPM hack attack

The malware has been linked to both the data breach of the US Office of Personnel Management as well as the Anthem breach.

The FBI has filed charges against a Chinese malware broker named Yu Pingan, alleging that he provided hackers with malware, including the Sakula trojan, to breach multiple computer networks belonging to companies in the US

The FBI alleges that Yu, also known as “GoldSun,” conspired with two unnamed hackers from around April 2011 through around January 2014 to maliciously target a group of US companies’ computer networks.

The complaint filed does not name which companies were targeted but notes that the different companies were headquartered in San Diego, California; Massachusetts; Los Angeles, California; and Arizona.

The rarely-used Sakula malware has been linked to both the 2014 breach of the US Office of Personnel Management as well as the 2015 breach of the health insurance firm Anthem.

The Anthem breach impacted 78.8 million current and former customers of the company, while the OPM hack affected more than 22 million records of Americans who had applied for security clearance to work for the government.

MySpace hackers place another 427 million passwords up for sale

Password theft should make victims change credentials they have re-used for other sites.

security-lock-abstract-thumb image www.intelagencies.com

In another haunting hack from the past, Time Inc. has confirmed the theft of 427 million passwords from MySpace, the aging social networking site the media company acquired just three months ago.

The records were offered for sale on the dark web by the same hacker who posted for sale a trove of 117 million stolen LinkedIn passwords nearly two weeks ago. The posted price for MySpace credentials is 6 bit coins or about $3,200 at today’s rate.

The MySpace incident is tied to a June 11, 2013 hack, according to LeakedSource, while the LinkedIn episode dated back to 2012. LeakedSource is the same web site that confirmed the LinkedIn theft.

The important similarity of these dated incidents lies in the fact that hackers could use these recently posted stolen passwords to break into current accounts of victims who re-use passwords across many sites, including banking and health services.

The recent 2016 Verizon Data Breach Investigation Report showed that 63% of confirmed data breaches involved weak, default or stolen passwords.

Social media users made light of the aging passwords, including Paul Hosford, a reporter with the Irish media site thejournal, “If MySpace hackers have managed to get hold of my password, can they tell me what it is?”

But even past its prime, MySpace reports today 50 million visitors per month. On its blog, MySpace said the stolen passwords have been inactivated on its site, and it encouraged users to set new passwords on accounts where they used the same or similar password from their MySpace account.

LeakedSource reported that the MySpace passwords were stored in SHA1 with no salting, a process that makes decrypting passwords exponentially harder. MySpace confirmed the stolen data included user login data “from a portion of accounts that were created prior to June 11, 2013.”

Time Inc., which own titles such as Fortune and Sports Illustrated, acquired MySpace when it bought parent company Viant Technology in February. Terms of the deal were not disclosed, but at the time Time Inc. chairman and CEO Joe Ripp, said, “This acquisition is game changing for us.” Today, the change seems to be dealing with a major hack of private account data.

Since its heyday early in this century as the world’s largest social media site, MySpace was acquired in 2005 by News Corp. for $580 million and again in 2011 for $35 million by Justin Timberlake and Specific Media Group.

www.socialselect.net

7745

www.scamsfakes.com

Henry Sapiecha