More than 450,000 usernames and unencrypted passwords appear to have been stolen from Yahoo Voice, a user-contribution services on Yahoo’s network, and posted online. Similar attacks have been reported separately against other online services, including Android Forums and Formspring, where users are being encouraged to change their passwords immediately, and to check whether they used the same password on other services. It is not known whether the attacks are linked. Both Formspring and Android Forums encrypted the passwords that they stored, although that is not a guarantee that they cannot be cracked. However, the Yahoo attack is potentially the most serious. Yahoo bought Associated Content for $100 million (Dh367.3 million) in May 2010, and then set it up as Yahoo Voices, allowing user-generated content to be posted online. Yahoo claims to have more than 600,000 contributors, which would include many of the data dump if it is verified. The Guardian could not verify whether any of the accounts were still active. The last entries in the data dump appear to be linked to IDs which were created in 2006, which could mean that the listing discovered by the hacker, or hackers, is an old one that is no longer in use. Security experts said that the most worrying aspect of the attack was that the passwords for the accounts were not encrypted — meaning that any hacker could scoop up the emails and immediately start using them against other services, including Yahoo Mail. That potentially puts far more at risk than just the Yahoo Voices accounts if they are still active. Writing at the Trusted Security site, David Kennedy noted that: “The passwords [were linked to] a wide variety of email addresses including those from yahoo.com, gmail.com, [and] aol.com,” and that they seem to have been extracted using an SQL injection attack — an increasingly common form of hacking attack in which flaws in the database and web software are exploited to get administrator-level access to the contents and structure of a database.” The page containing the Yahoo Voice addresses has all the details of the structure of the database that holds the details, as well as the usernames and passwords. The Yahoo Voice hack has been claimed by a group or individual calling themselves “the D33Ds Company”.
GMT 12:48 2018 Friday ,14 December
9.8 million dislikes: YouTube's most-hated video is now 'Rewind 2018'GMT 14:21 2018 Wednesday ,12 December
Google has no plans 'right now' for search engine in ChinaGMT 16:14 2018 Tuesday ,11 December
Russia’s watchdog to check Twitter and Facebook for compliance with legislationGMT 14:17 2018 Friday ,07 December
Over 60% of Russians use Internet every dayGMT 09:49 2018 Tuesday ,04 December
Microblogging platform Tumblr to ban adult contentGMT 08:59 2018 Tuesday ,27 November
Russian watchdog to consider fine for Google on December 11GMT 14:56 2018 Monday ,26 November
Malaysia warns about internet terroristsGMT 15:58 2018 Sunday ,18 November
Facebook denies hiring PR firm to spread fake info targeting criticsMaintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©
Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©
Send your comments
Your comment as a visitor