400,000 Yahoo Voice Account details published online after hack

[harrybarracuda]

400,000 Yahoo accounts reportedly hacked, published online

By Darren Pauli on Jul 12, 2012 3:48 PM
Filed under Hackers
Clear text passwords dumped.


Up to 400,000 Yahoo! Voice account usernames and passwords have been stolen and published online.
The credentials, kept in clear text, were reportedly hacked by a group dubbed 'd33ds' and taken from Yahoo.com subdomain dbb1.ac.bf1.yahoo.com, according to security researcher and red team member Rob Fuller.
TrustedSec said the breached appeared to be a SQL injection attack to extract the sensitive information from the database.
The full text was available on the groups' website, which now appears offline.



The group allegedly behind the attack had earlier taken credit for hacking rival groups and the hacking leader board RankMyHack.
Yahoo7 has referred SC to the United States Yahoo office for contact. The company does not promote Yahoo! Voice locally.
Eset security blogger Anders Nilsson has run an analysis with Pipal to uncover common passwords and domains with the dump.
Predictably, the most common passwords were '123456', 'password' and 'welcome' while domains Yahoo, Gmail and Hotmail appeared most frequently.
There were 1870 .edu domains, 93 .gov and 81 .mil.
The full password analysis is on Pastebin and a mirror of the dump has been posted to MediaFire.

[harrybarracuda]

NVIDIA and Android forums hacked, user credentials stolen

Posted on 13 July 2012.

Following the high-profile breach of one of Yahoo's subdomain servers and the resulting leak of over 450,000 passwords stored in clear text in one of the exfiltrated databases, today was marked with the revelation of three more breaches: the official forum site of technology company NVIDIA, Androidforums.com, and Billabong.com.


NVIDIA suspended operation of its forum page last week, and came out with the reason yesterday, explaining that unauthorized third parties gained access to some user information: usernames, email addresses, hashed passwords with random salt value, and public-facing "About Me" profile information.

The company pointed out that when the system comes back online, all user passwords will be automatically reset and an email with a temporary password, along with instructions on how to change it, will be sent to the users' registered email address.

"As a precautionary measure, we strongly recommend that you change any identical passwords that you may be using elsewhere," it said in the statement. "Do not provide personal, financial or sensitive information (including new passwords) in response to any email purporting to be sent by an NVIDIA employee or representative.

An Android Forums administrator has been tasked with warning users - over one million of them - about the breach into the server hosting androidforums.com and the fact that the website's database - containing unique ids, usernames, emails, hashed and salted passwords, registration IP addresses, usergroup memberships, and other less critical information - was accessed and likely exfiltrated.

He says that the exploit used for the attack has been identified and resolved, and that the server has been hardened against future attacks.

"This was, in our current opinion, most likely an e-mail harvesting attempt. A spammer could theoretically attempt to bulk e-mail all AF users with the user database," wrote the administrator, but still warned about possible phishing attempts against the users and staff - not to mention the fact that the passwords can be used to gain access to users' accounts.

Consequently, he urged users to change their passwords immediately - even before reading the warning.

Finally, clothing manufacturer Bilabong has allegedly had its main web server hacked and 20,000 to 35,000 user names and corresponding passwords stolen from it.

The claim was made via a post on CodePaste.net but, as ars technica reports, only 1,435 plaintext user credentials were shared with the public so far.

The company has yet to confirm or deny the claim that the attackers penetrated their website's defenses.

[harrybarracuda]

Yahoo! closes security hole

By Dan Kaplan on Jul 17, 2012 11:46 AM
Filed under Applications
Promises to beef up security after password breach.

inShare

Comment Now


Yahoo has fixed a security vulnerability that allowed hackers to seize roughly 450,000 unencrypted email addresses and passwords belonging to members of its content-sharing platform.
In a blog post, the web giant said the intruders accessed a "standalone file" that contained the login data used by writers who joined Associated Content prior to May 2010, the month when Yahoo acquired the company for $US100 million.
Now called Yahoo Contributor Network, the business unit specialises in producing freelancer-generated, search-optimised content.
According to experts, the hackers, which claimed to be part of a relatively unknown contingent known as "D33ds Company," obtained the information in clear text through a SQL injection attack, a common technique used to infiltrate vulnerable web applications.
"We have taken swift action and have now fixed this vulnerability, deployed additional security measures for affected Yahoo users, enhanced our underlying security controls and are in the process of notifying affected users," the post said.
"In addition, we will continue to take significant measures to protect our users and their data."
The company declined to specify further.
Affected users will be asked to answer a series of challenge questions to enable them to reset their credentials.
This article originally appeared at scmagazineus.com