2 million stolen passwords for Facebook, Twitter, Google, Yahoo and others leaked online

Security experts have uncovered a trove of some 2 million stolen passwords to websites including Facebook, Google, Twitter and Yahoo from internet users across the globe.
passsResearchers with Trustwave’s SpiderLabs said they discovered the credentials while investigating a server in the Netherlands that cybercriminals use to control a massive network of compromised computers known as the “Pony botnet.”

The company said that it has reported its findings to the largest of more than 90,000 websites and internet service providers whose customers’ credentials it had found on the server.

The data includes more than 3,26,000 Facebook accounts, some 60,000 Google accounts, more than 59,000 Yahoo accounts and nearly 22,000 Twitter accounts, according to SpiderLabs. Victims’ were from the United States, Germany, Singapore and Thailand, among other countries.

Representatives for Facebook and Twitter said the companies have reset the passwords of affected users. A Google spokeswoman declined comment. Yahoo representatives could not be reached.

SpiderLabs said it has contacted authorities in the Netherlands and asked them to take down the Pony botnet server.

An analysis posted on the SpiderLabs blog showed that the most-common password in the set was “123456,” which was used in nearly 16,000 accounts. Other commonly used credentials included “password,” “admin,” “123″ and “1.”

Graham Cluley, an independent security expert, said it is extremely common for people to use such simple passwords and also re-use them on multiple accounts, even though they are extremely easy to crack.

“People are using very dumb passwords. They are totally useless,” he said.

About these ads

Gmail Users Should Have No Expectation of Privacy

Google’s legal counsel says Gmail users should have no legitimate expectation of privacy

Google : Don't Expect Privacy

Google : Don’t Expect Privacy

In response to a lawsuit Google has disclosed that, from the company’s perspective, no one should be expecting their emails to remain private. This is likely news to most gmail users who create a password thinking that limits access to their account and probably expect their emails to be private.

“Plantiffs accuse Google of violating the privacy of its users by mining their personal messages for information that it uses to inform which targeted ads it displays. The suit calls for Google to fully disclose exactly what information it’s taking from emails, and to pay damages for these alleged violations of privacy.

The company argued in its motion to dismiss the lawsuit that “all users of email must necessarily expect that their emails will be subject to automated processing.

That is an interesting attitude. A clear implication would be allowing the NSA to automatically process everyone’s gmail account emails.

“Google asserts that, in principle, if you entrust your personal messages to a third party, you can’t expect that the third party won’t touch any of that information:

Just as a sender of a letter to a business colleague cannot be surprised that the recipient’s assistant opens the letter, people who use web-based email today cannot be surprised if their communications are processed by the recipient’s ECS provider in the course of delivery. Indeed, “a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.” Smith v. Maryland, 442 U.S. 735, 743-44 (1979).

On the surface this seems reasonable, that once you send information to someone else you can’t expect them not to share it with other people. However, that is not what Google is saying.

Instead, Google is saying that users of gmail should realize that Google is the third party. By writing an email in gmail the user is essentially sending Google the email and therefore cannot expect privacy. If Google shares those emails with whoever it wants, well, you should have known better.

Facebook admits year-long data breach exposed 6 million users

SAN FRANCISCO (Reuters):- Facebook Inc has inadvertently exposed 6 million users’ phone numbers and email addresses to unauthorized viewers over the past year, the world’s largest social networking company disclosed late Friday.

Facebook blamed the data leaks, which began in 2012, on a technical glitch in its massive archive of contact information collected from its 1.1 billion users worldwide. As a result of the glitch, Facebook users who downloaded contact data for their list of friends obtained additional information that they were not supposed to have.

Facebook admits year-long data breach

Facebook admits year-long data breach

Facebook’s security team was alerted to the bug last week and fixed it within 24 hours. But Facebook did not publicly acknowledge the bug until Friday afternoon, when it published an “important message” on its blog explaining the issue.

A Facebook spokesman said the delay was due to company procedure stipulating that regulators and affected users be notified before making a public announcement.

“We currently have no evidence that this bug has been exploited maliciously and we have not received complaints from users or seen anomalous behavior on the tool or site to suggest wrongdoing,” Facebook said on its blog.

While the privacy breach was limited, “it’s still something we’re upset and embarrassed by, and we’ll work doubly hard to make sure nothing like this happens again,” it added.

The breach follows recent disclosures that several consumer Internet companies turned over troves of user data to a large-scale electronic surveillance program run by U.S. intelligence.

The companies include Facebook, Google Inc, Microsoft Corp, Apple Inc and Yahoo Inc.

The companies, led by Facebook, successfully negotiated with the U.S. government last week to reveal the approximate number of user information requests that each company had received, including secret national security orders.

(Reporting by Gerry Shih; Editing by Richard Chang)

Facebook server outage makes everyone freak out

STAND down. Facebook appears to be back online after a few minutes of a server-wide outage. Everyone can stop losing their minds.

Facebook appeared to be down for many users in the past hour or so with many taking to Twitter to complain that they could not access the site. When YourGadgetGuide tried to access Facebook from the UK 30 minutes ago the servers did not appear to be responding although in the last few minutes it has come back online. Service monitoring site DownRightNow reported that many of its users had reported Facebook as being offline although it is unclear what caused the problem. Facebook later explained that the site outage was due to some work they were doing on the site’s DNS servers.

Facebook server down

Facebook server down freaks out All

It said, “Earlier today we made a change to our DNS infrastructure and that change resulted in some people being temporarily unable to reach the site. We detected and resolved the issue quickly, and we are now back to 100 percent. We apologize for any inconvenience.” Earlier today at around 5pm Eastern Google was also suffering with reports of a GMail being down in the US, the UK and Brazil. were reported in the U.S., as well as Great Britain and Brazil. The email service returned after about an hour, “We’re investigating reports of an issue with Google Mail. We will provide more information shortly”, Google said on the Google Apps Dashboard.

Some dates when Facebook was actually down

On September 23, 2010, Facebook was showing DNS failure when you tried to reach their site. This seemed to be the case for most visitors.

Other general comments from our users about Facebook

  • Facebook can be down or working at various times throughout the day due to server problems, over activity, site problems, bugs, etc.
  • However, it should be pointed out that the servers of Facebook are rarely down and they last about 2 minutes (at most) when they are. If the servers are down, they forward you to a page telling you to come back later; when they maintain the site, they do it account by account, so the homepage is always working.
  • A good Internet connection is necessary to load the page, so if you can’t access Facebook, check that there is nothing else using the Internet on your IP address. If it is always slow, contact your service provider.
  • Sometimes Facebook doesn’t load due to the amount of cookies on your computer. If you have Vista, click Tools, delete browsing history and then delete all.

Messages posted online, apparently linked to hacking group Anonymous, have claimed responsibility for attacking the site, but these have since been debunked. That didn’t stop people from speculating that the outage was orchestrated by Anonymous in response to Facebook’s involvement in the US National Security Administration data-mining scandal.

Malawi Google ,MSN, Yahoo domains defaced by TiGER-M@TE

The famous hacker from Bangladesh who goes by the name TiGER-M@TE has once again hacked high profile domains, as he is well known for having done so many times in the past. This time he has hacked the National Domain registrar of Malawi (.mw) and attacked many websites which includes many prominent sites.  However this time he is not functioning alone and has teamed with another hacker h311 c0d3 to perpetrate an all round attack. Together, they hacked the Malawi domain registrar website and subjugated many master and slave DNS servers.

Malawi Google ,MSN, Yahoo domains defaced by TiGER-M@TE

Malawi Google ,MSN, Yahoo domains defaced by TiGER-M@TE

The affected sites include the Malawi Google domain (google.mw), Yahoo (yahoo.mw), Coca cola (cocacola.mw), Kaspersky (kaspersky.mw), MSN (msn.mw), gmail (gmail.com.mw) and many others which have been defaced. Another hacker, c0de-X-1337 also joined the party and hacked the Google maps site (maps.google.co.mw). The defaced site of Malawi Yahoo displayed the following message,

#Bangladeshi HackeR
Greetz : c0de-X-1337 ; h311 c0d3 ; m1l05 ; kinG oF coNTroL ; Barbaros-DZ ; F0RTYS3V3N ; aBu.HaliL501 ; W7sH.SyRiA ; j0 ; l0calh0st ; Ne0-h4ck3r ;
# localhost_80@programmer.net

The mirrors of the hacked sites have been posted on zone-h and can be accessed to observe the extent of this cyber attack. Apparently the hackers altered the actual DNS records in such a manner so as to redirect these domains to their web servers which display the defaced pages. So understandably, this attack was performed using the DNS poisoning method which can be used to affect multiple sites at one time although the hackers have made no comments about the manner in which they perpetrated the attack.  But it is certainly a cause of worry for the web administrators given the fact that the attacks on the domain registrars are becoming common by the day.

The original sites have been restored to normal functioning at the time of writing but it is ambiguous whether the Domain registrars have got rid of vulnerabilities that were exploited by the hackers. Though many are uncertain about the motive for the attack, but the one thing everyone agrees about is that the attacks could have been much worse than simple defacement, if the hackers had any real malicious intent while perpetrating the hack.

Well, given the track record that TiGER-M@TE has, it is not surprising that he has done such an attack. TiGER-M@TE is the same guy who had hacked more than 700,000 InMotion websites in a single go back in 2011 and also hacked the Google Bangladesh site in the same year and has hacked other top sites such as Yahoo, Nokia, Avast etc. It seems that he is again on a quest to prove his hacking genius. However, it is the Domain registrars who will have to up the ante so that future attacks of this nature can be avoided at the very least.

Gmail warning Myanmar Journalists about State-sponsored attacks

Journalists in Myanmar started receiving warning messages about a possible state sponsored attack on their email accounts from Google. These warning messages are displayed whenever the users open their Gmail accounts and receive alerts about their email accounts being compromised as a result of intrusions sponsored by the government which goes like “We believe state-sponsored attackers may be attempting to compromise your account or computer”. Google spokesperson Taj Meadows has agreed to the fact that such a service is in operation and commented that “I can confirm that we send out these types of notices, but don’t have any more info for you at this time”. He also stated that a service which warns about possible malicious attacks had been in place since last June while referring to a blog that confirms the same and that they have extended the aforementioned service to attacks which were carried out by the state as well. It is not entirely shocking as Myanmar has a history of placing strict limits on the journalism in their country.

Gmail warning Myanmar Journalists about State-sponsored attacks

Gmail warning Myanmar Journalists about State-sponsored attacks

The warning message according to the blog mentions the nature and implications of the warning messages , “If you see this warning it does not necessarily mean that your account has been hijacked, “It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account.”  It is clear from this that these messages are just of precautionary nature and that one must be cautious. The identity of the attackers is ambiguous as of now and it can not be confirmed which government attackers are behind these purported attacks or if some other hackers are perpetrating these attacks.
A bunch of reporters have received such messages most of whom belong to reputed media houses in Myanmar. Most prominent among these is the Eleven Media group news editors, including its chief editor Wai Phyo. Others who received such notifications include the editor of the The Voice weekly journal Aung Soe, Myat Thura, a journalist with the Kyodo News Agency, and a correspondent of the Associated Press has also received such an alert. Moreover, some IT experts and a few Gmail users are also receiving these mails.

These messages have led to increased trepidation among these correspondents and many are wondering whether this is a state sponsored attempt to carry out espionage on these reporters. There are others who are grappling with the possibility of such infiltration and are reminded of the early harsh military regime which used to perform strict monitoring and placed censorship on journalism.  The other fact is that some major hacks on sites of media agencies have been performed by hackers in the country such as Red Army, MMCF, and Anonymous Myanmar very recently so the possibility of hackers using the state as a shield for their propaganda cannot be ignored.

The Government of Myanmar has denied involvement and the spokesperson for President Thein Sein has denied these allegations and termed them baseless.

However, all those people who have received these notifications must change their passwords and take other necessary security measures to avoid any untoward happening.