Friday 31 July 2015
Friday 24 July 2015
Snapchat database leak claims to contain 4.6 million phone numbers and usernames
03:25
2 comments
Last week security researchers published a way to skim Snapchat's full database, and it appears someone did it before the vulnerability -- which, according to those researchers had been known for months -- was addressed. A website called SnapchatDB! has appeared posting SQL/CSV files that it claims contain the username and associated phone number for a "vast majority" of the service's users, with the last two digits of the numbers obscured. Snapchat eventually admitted that such a hack was theoretically possible, but said additional countermeasures and safeguards it's implemented would make that harder to do. That amounts to 4.6 million pairs, although actually downloading the files to actually use them or verify the claim seems impossible, presumably due to an overload of traffic.
We don't know who is behind the website (its WHOIS record is hidden by WHOISGuard), but the homepage claims this release is happening to "raise awareness" of the fact that companies should be more careful with the private information of their users. As the site mentions, even the info included could be enough to figure out someone's phone number from their username (if it's also used publicly on Twitter, for example), especially problematic for those with unlisted numbers. They also have not ruled out releasing the uncensored database "under certain circumstances," so if you've ever used the service this may be something to keep an eye out for.
Update: Developers Robbie Trencheny and Will Smeindlein have worked up a searchable database to see if your info is among those captured. It's accessible here, and searches by username, apparently based on the SQL file uploaded. Our friends at TechCrunchapparently found at least one writer's info in the database, although a Reddit user who grabbed the file suggests only certain area codes are affected.
Sunday 19 July 2015
'Cyber Army' hacker arrested, says Bulgaria
Bulgaria says it has arrested a hacker suspected of belonging to an Islamist network that targeted more than 3,500 websites worldwide. Bulgarian public radio says the suspect is a resident student originally from Syria.
Bulgaria's interior ministry on Wednesday said the man is accused of belonging to the Middle East Cyber Army (MECA), whose members are suspected of changing websites' content and posting messages in English and Arabic.
One incident involved praise for the deadly gun attack on staff of the French satirical weekly Charlie Hebdo in Paris in January, the ministry said.
The suspect had communicated with other members of the group through secure channels, mapped out targets and exchanged "hacking instruments," said a statement from the ministry.
Public BNR radio quoted official sources as saying the suspect was a 21-year-old student from Syria who had been living in Bulgaria with his parents for more than 20 years.
Observatory targeted
Last week, the Britain-based Syrian Observatory for Human Rights said its website was attacked by a group calling itself "The Cyber Army of the Khilafah."
"We will continue to do our work and document what is happening in Syria," the Observatory's director Rami Abdelrahman told the French news agency AFP.
He said the Observatory had previously received similar threats from the Syrian government and the al-Qaeda affiliate al-Nusra Front.
ipj/gsw (AFP, Reuters, dpa)
Friday 17 July 2015
Student hacker 'penetrated' Facebook
Student hacker 'penetrated' Facebook
successfully “penetrated” Facebook during repeated attempts to illegally access the social networking site’s programmes, a court heard.In one of the first cases of its kind in Britain, Glenn Steven Mangham, 25, used “considerable technical expertise” to repeatedly bypass security at the world’s dominant social network, it was claimed.
The student, from York, faces five charges, including that he “made, adapted, supplied or offered to supply” a computer program to hack into a Facebook server, Westminster magistrates’ court heard
Police sources described the incidents as one of the first investigations into attempts to illegally access the site, which boasts more than 750 million members worldwide.
One Scotland Yard source told The Daily Telegraph that detectives were not aware of any hacking attempts “to this extent” on the site in Britain. It is understood Mangham does not have a Facebook profile.
Mangham was arrested by officers from the Metropolitan Police’s Central e-Crime Unit in early June on suspicion of “computer hacking offences” before being charged earlier this month.
Subscribe to:
Posts (Atom)