Friday, May 6, 2016

Data leakage of Mail.ru users: what is known? – Slon.ru – Edition Business News

May Fourth became aware of the scale of the data leakage accounts on the service Mail.ru, as well as postal services Yahoo, Microsoft and Google. Information circulated an expert in computer security, the head of Alex Holden Hold Securities. According to him, stolen logins and passwords of hundreds of millions of users. The Mail.ru already stated that the database that gets into the wrong hands, has been compiled from various sources (in other words, is not the result of a single data leak from the service).

A similar service in the administration said a few years ago – in connection with other large-scale data breaches. Other sources, however, suggest that it is still talked about hacking, which became possible due to vulnerabilities in the free software used by Russian Internet companies. Discussed and a version that a large-scale hacking was not, and the whole story has been exaggerated in the interests of the Russian authorities, who needed an excuse to increase control over the network.



What told Holden?

Information about the leak appeared on one of the forums. A hacker from Russia boasted that got him the account data of hundreds of millions of users – a total of more than a billion alleged. When he was contacted by representatives Hold Securities, he offered to sell them the entire database.

Details, however, are questionable. According to Holden, for the information the hacker asked for only 50 rubles. But in the end all agreed to give it for free -. In exchange for what he promised “positive comments on hacker forums»

According to Hold Securities, database contains data on 273 million accounts. Basically – from mailboxes Mail.ru (about 57 million, the total number of active accounts service – about 100 million), as well as Yahoo Mail (40 million), Microsoft Hotmail (33 million) and Gmail (24 million). The database also hit hundreds of thousands of accounts with German and Chinese services.

Thousands of stolen accounts, according to Holden, may belong to the employees of major US banks, industrial companies and retail chains.



How to react postal services?

Microsoft representative, according to Reuters, confirmed the theft of data (although not specify their scope). He said that the service Now the administration is dealing with the situation.

Mail.ru The administration, for its part, stated that a preliminary analysis of the data trapped in Holden (the latter gave them the mail service) there has not revealed “passwords that are suitable for active accounts alive.” “Besides … database contains a large number of the same logins with different passwords, which suggests that it was compiled from fragments of different bases, where nick used as login your e-mail,” – said in a statement resource

Check base will continue. In the future, the administration has promised “to warn users who may have been affected».

The version supported in the “Kaspersky Lab”. They stated that the base is likely to have been collected as a result of a number of phishing attacks – mass mailing emails to users on behalf of the known resources or organizations. The representative of “Kaspersky Lab” also added that active accounts are only a small part of the database.



What was before?

Another major drain on postal accounts data occurred two years ago. Then, in the Network were lined with boxes passwords on Mail.ru, «Yandex.Mail” and Gmail – a total of more than 10 million

The Mail.ru, then as now. stated that “the old base and is made up of pieces, that is, from several databases of passwords that were stolen from users at different times.” The Administration added that “in most cases the cause of the leak is the user’s inexperience or thoughtless behavior”, but hacking is possible, including due to the fact that the account owners use simple passwords, and use the same password on different services.

Others thought that the fault is not only the users. In the press there were excerpts from the report Cloudseller – Google-authorized dealer in Russia. The authors pointed to the possible vulnerabilities in the services themselves. “How Yandex, Mail.ru and in the core of their services using the Linux operating system and a number of open-source products, – stated in the report. – These products are part modify to fit your needs companies, but the basis remains unchanged. We assume that the hacking occurred through an unpublished vulnerability or a web service, or database management system …. »

From the documents published by a former employee of the US National Security Agency Edward Snowden, also It indicated that the complexity of breaking Mail.ru terms of the NSA is average.

The alternative version – it has put forward Anton Spout – was to ensure that the services themselves no cracked, and it was only about the abduction of passwords “in a number of unwary users.” Loud story about hacking, in his view, needed either power or close to it people. “There are two options: either the government needed a pretext to intervene actively in the users’ security questions, or rogues about the state needed an excuse to master budget money to create a” reliable state system “, which no one has ever crack” – reasoned it.

What is hacking?

According to Dell SecureWorks data, for breaking into a mailbox that is hosted on one of the most popular Russian service (Mail.ru, «Yandex» or “Rambler”), hackers are asking from $ 65 to $ 100 Accounts on foreign resources (Gmail, Hotmail or Yahoo) are more expensive – about $ 130. Corporate mailboxes – $ 500

Hack account in one of American social networks, according to the source, hackers can for about $ 130. in the case of the Russian networks -” VKontakte “and” classmates “- their services are more expensive – about $ 200

According to “Kaspersky Lab” from hacking your account at least once affected about a third of Russian Internet users. Basically, access to foreign accounts used to send phishing messages, in some cases, the user data have been used for criminal purposes, in 20 percent of cases, profile information after hacking has been destroyed.

Follow Slon Magazine, to read more in depth articles on our site

LikeTweet

No comments:

Post a Comment