Connect with us

hacking

Russia’s Biggest Social Network Hacked

Published

on

Russia's Biggest Social Network Hacked 1
Russia's Biggest Social Network Hacked 2

Another day, another Data Breach! Now, Russia’s biggest social networking site VK.com is the latest in the line of historical data breaches targeting social networking websites. 

The same hacker who previously sold data dumps from MySpaceTumblrLinkedIn, and Fling.com, is now selling more than 100 Million VK.com records for just 1 Bitcoin ( approx. US$580). 

The database contains information like full names ( first names and last names), email addresses, plain-text passwords, location information, phone numbers and, in some cases, secondary email addresses. 

Yes, plain-text passwords. According to Peace, the passwords were already in plain text when the VK.com was hacked. So, if the site still stores passwords in cleartext today, this could be a real security risk for its users. 

The data breach has initially been reported byLeakedSource search engine, which received portions of the database from one of the people who bought it. 

The company has already analyzed the contents of the data dump and has added it to its service. So, you can use its search engine to check if you were compromised. 

Russia’s Facebook VK.com is said to be the largest social networking site in Europe with more than 350 Million users. So, the hack is believed to be the biggest hack the site has ever experienced. 

The validity of the credentials exposed in the hack is thought to have been stolen in late-2012 or early 2013 when VK.com had just under 190 Million users. 

All the LinkedIn, MySpace, and Tumblr data breaches are also believed to have taken place during the same duration, between 2012 and 2013, when many websites were not practicing appropriate Web security policies, like hashing and salting passwords. 

Russia's Biggest Social Network Hacked 3

The hacker, named Peace ( or Peace_of_mind), is selling the dataset — which is over 17 gigabytes in size — on The Real Deal dark web marketplace for a mere 1 Bitcoin. 

According to LeakedSource, the most common password used by VK.com users was “ 123456,” followed by “ qwerty” and “ 123123,” which are incredibly easy to predict. Also, the vast majority of email addresses came from mail.ru. 

Like other data breaches, I strongly suggest you change your password immediately, especially if you use the same password for other websites.

CNET

Michael Ajah is a Computer Science Student of The University of Port Harcourt and a Chelsea Fan. He loves RnB and a little mix of Trap Music. An awesome tech reviewer and analyst. Email - [email protected]

Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

hacking

Covid-19 Cyber attacks Spike as Health sectors battle Hackers: Here’s how to stay safe

Published

on

Covid-19 Cyber attacks Spike as Health sectors battle Hackers: Here's how to stay safe 4

The world continues to battle the deadly Covid-19 pandemic also called Coronavirus as many sectors and companies encourage their staffs to work from home.

Office workers who usually don’t have much time for their social networks and mass random messages now have ample time to go through their devices and computers and even see a few movie series.

Coronavirus regulation in Nigeria

Ironically, this is possible as individuals cling to the only thing that could help them communicate with the outer work – their smartphones.

This large number of human force all stuck at home has led a major increase in online scammers as even the ethical one’s amongst them have grown bored and looking for new loopholes to exploit.

Organizations are been targeted, individuals are made to pay the price for being idle, phishing mails are getting sent and received at a rate of a thousand mails every second. But asides all these, individuals are encouraged to stay safe from the deadly virus with recorded infection figures going up each day here in the part of the world.

Seems everyone forgot about the other safe which is very much vital too??!

Covid-19 fraud related cases

The U.S. Federal Bureau of Investigations (FBI) is warning the Internet community that COVID-19 has sparked rising scammers leveraging the deadly virus to steal money, personal information or both from users of online services.

“Protect yourself and do your research before clicking on links purporting to provide information on the virus; donating to a charity online or through social media; contributing to a crowdfunding campaign; purchasing products online; or giving up your personal information in order to receive money or other benefits”, the US law enforcement agency advises.

In this part of the world where vulnerable individuals hardly struggle to survive each day, talks making rounds on the internet regarding the Nigerian government sharing stimulus package of N20,000 to every citizen has done little to help arrest the issue of cybercrime.

Covid-19 Cyber attacks phishing emails

Hackers and scammers have been continuously bombarding individuals with phishing links to give away their details so as to enlist them and reserve their own package; which invariably is only sugar-coated lies.

This is not a happy sight as so many individuals who struggle to make through each day with their families end up giving away the little they have in reserve.

A recent war brewing between the United States and China over alleged hack into the former’s Covid-19 vaccine research systems just goes about to tell you no one is exempt from the monster that is Cyber attack.

Furthermore, company’s have had to educate their staffs with regards to working from home and handling logins both on personal and public computers as any major breakthrough in user data could finally result in giving away company information which isin’t really a worthy report.

FBI says Internet users should always use good cyber hygiene and security measures when they are online.

According to the law enforcement agency, the following five(core) tips are vital for any Internet user to protect themselves and help limit the rate of cybercrime activity:

  1. Do not open attachments or click links within emails from senders you don’t recognize no matter how tempting the message contained is.
  2. Do not provide your username, password, date of birth, social security number, BVN, financial data, or other personal information in response to an email or robocall from a random individual.
  3. Always verify the web address of legitimate websites and manually type them into your browser. If possible Google search the address name categorically before clicking through.
  4. Check for misspellings or wrong domains within a link (for example, an address that should end in a “.gov” ends in .com” instead).
  5. If you believe you are the victim of an Internet scam or cyber crime, or if you want to report suspicious activity, don’t hesitate to contact the institution involved ASAP.

Internet fraud is a monster that won’t just go away yet but with staying safe, careful and regulating our online footprints, we could save lives and cooperations at large.

Continue Reading

hacking

Google pays Student $10,000 For Reporting Security Flaw

Published

on

Hackers don’t always make money from criminal activities. Big Tech companies like Google and Facebook have bug bounty programs in which security researchers are rewarded for disclosing existing flaws in the system.
Google pays Student $10,000 For Reporting Security Flaw 5

Last year, Google released a result which shows that hackers were rewarded $3 million throughout 2016. Recently, a Uruguayan student has been rewarded with $10,000 because he managed to discover a vulnerability in Google.

According to Ezequiel Pereira, he found the vulnerability when he was playing with Google services using a web security testing tool known as Burp Suite.

He was actually playing with Burp Suite to find the vulnerability, after many failed attempts, he discovered that the internal web page of yaqs.googleplex.com didn’t have the username or password check in place.

Googleplex.com hosts several Google App Engine applications.

Ezequiel Pereira wrote

“The website’s homepage redirected me to “/eng”, and that page was pretty interesting, it had many links to different sections about Google services and infrastructure, but before I visited any section, I read something in the footer: “Google Confidential

“At that point I stopped poking at the website and reported the issue right away, without even thinking of a better way to show the vulnerability than with Burp”

He also shared screenshots of the email exchanges with Google’s security team the same day. Google’s security team confirmed that the bug he reported was very effective. Pereira says he was very surprised when he received $10,000 from Google team for his work after a month.

However, Google has resolved the vulnerability and the large reward was because they found a few variants that would have allowed an attacker access sensitive data”
.
.

Continue Reading
Advertisement

New Arrivals

Recent Comparisons

Trending