Hackers Post 10GB Stolen Data as Ashley Madison Stays Online

It has been a while since hackers attacked the online cheating site Ashley Madison where the hackers claimed that they had downloaded pretty much all relevant information about the users from the site. For those who don’t know it, Ashley Madison is an online dating site specifically designed and advertised to married people who want to cheat on their partner. A pure disgrace in my book that a site like that is allowed to stay online, but that is beside the point right now.

The hackers wanted the site to shut down and threatened to release the user data if that didn’t happen. The site didn’t give in to the blackmail as it looks to be a very lucrative operation, even though they’ve exposed for having 90-95% male profiles and most female profiles being faked by the company. I don’t think that women cheat less than men, perhaps they’re smarter about it.

Now the hackers have made good on their promise and released 10GB stolen data that includes not only usernames and emails, but also appears to contain credit card information to pay for the membership as well as many other personal information. While the site doesn’t verify the profiles in any way and it is possible to create fake profiles with any email you wish, it’s still scary how many government email addresses were found in the database.

Avid Life Media, the company behind Ashley Madison, condemned the release of the data with a statement: “This event is not an act of hacktivism, it is an act of criminality. It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities. The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society. We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world.”

All the information has been posted to the “Dark Web” that only can be accessed through the Tor browser. It will be interesting to see what new dirt will show up as experts dig through the data and decrypt the parts that were secured.

Thank You Wired for providing us with this information

Bit Defender Admits To Being Hacked

Oh the irony never fails to amuse, an Anti Virus company who boast on keeping customers safe from online threats, have themselves falling victim to a hack. Kaspersky discovered a bot within their system and now so has Bit Defender, who have admitted to being hacked.

Bit Defenders security policy will be under heavy criticism after the hacker going by the name of DetoxRansome, claims to have access to the Bit Defender customer information which allegedly includes passwords. The hacker also claims this information has been stored in an unencrypted format by the antivirus giant.

Bit Defender have responded and stated that a “potential security issue with a server and determined a single application was targeted within a component of its public cloud offering”  The company have also responded to the amount of data which might have been leaked by stating that, “exposure of a few user accounts and passwords is very limited and it represents less than one percent of our SMB customers”

There are reports that the hacker has demanded Bit Defender pay a ransom of $15,000, or see all the information dumped online. As noted by news sources, the hacker looks as if they have dumped around 250 customers usernames and passwords onto the web. Among the names were extensions belonging to .gov, which indicates government customers might have been affected.

The Hackers version is the following “We had taken control of two BitDefender cloud servers and got all logins. Yes, they were unencrypted, I can prove it… they were using Amazon Elastic Web cloud which is notorious for SSL [a form of web encryption] problems.”

The level of severity depends on which version you believe, either Bit Defender have only comprised a reported 1% of data or the whole lot. One thing looks apparent, for the love of god, why oh why did they not encrypt sensitive information, if a company offers cloud storage then this has to be secure, or as near as.

In a corporate world as consumers you receive corporate promises, looks excellent on the outside, dig deeper and your logins might be on the open web. Only time will tell to the extent with which Bit Defender have been compromised, let’s hope this is an alarm call to change practises when storing sensitive information online, or not as the case all too often is.

Original Bit Defender logo courtesy of dev0blog

Thank You Forbes for providing us with this information

Where Your PC Goes When It Becomes Obsolete

Once upon a time each Personal Computer had a price point which was both prohibitively expensive and was also the domain of a relatively small selection of people, who in turn kept their machines for years. These days the time is relatively short from manufacture to scrapping of each individual PC. It’s mind-blowing to contemplate the extent of materials which would need to have been used for each run of a particular model, for it to be only then thrown out within a period of 1 – 3 years by the end consumer.

But what happens when PC’s are obsolete? Well below is a selection of images that illustrate the scale.

This first image is of a photo of three large green electronic waste bins which was snapped by a resident of San Francisco by the name of “Ariel” As you can see; there is both a wide selection and the potential for any model to be in there. I wonder if each individual remembered to securely erase their documents.

This next image is of a wall of old CRT monitors and was taken in 2014, by EnMin Ser who snapped this thought-provoking black-and-white photo while touring a junkyard in Malaysia. The destination of these screens is somewhat unknown considering the structure of recycling in Malaysia.

Now this image is the problem which is all too often the case, a photographer by the name of “Anna Vignet” stumbled across this scene in San Francisco in 2008. These computer towers were dumped behind a local school and were left exposed to the elements. which could have caused all types of chemicals to leak onto the streets. This somewhat annoys me considering the local authority should have put in place protocols to deal with such types of waste.

Where do less reputable companies dump old and broken PC’s? Yep, the third world as this picture illustrates and was taken by a photo product entitled iGarbage by an Italian non Profit organization. This toxic waste is shipped to places for example Ghana where it is sold for residents to harvest the raw materials without any protection; the end outcome is the waste poisons the residents. All in the name of the mighty Pound, Dollar and Euro, etc.

It just goes to show the scale of throwable PC’s in today’s expendable society, if you’re in need of upgrading and decide to throw away your PC. Check with local authorities for possible recycling centres, or indeed pass your unwanted PC to a friend or relative in need of one. Make sure you securely erase your files as you don’t want your aunty to find your selfies in a folder entitled “work”

Thank You to PC Mag and The Daily Mail for providing us with this information

PS Vita Memory Card Content Dumped

For the first time the content of a PS Vita memory card have been dumped and made publicly known. While this in itself doesn’t help to hack the Vita, it does open up for many more possibilities.

Sony uses a proprietary format for their memory cards, so they can’t just be read with any normal reader. The two people known as mr.gas and tomtomdu80 still managed to dump the content and though they haven’t posted the actual content, they have given sufficient proof that they’ve pulled it off.

It was expected that most of the content of the card would be encrypted, but according to mr.gas a surprising amount is not. After the announcement the well known Vita hacker Yifan Lu was quick to point out that the unencrypted data wouldn’t help much on any actual Vita hack.

This discovery could be the first step towards a 3rd party card reader for Vita memory cards that at the very least will allow for a much easier management of your cards then through CMA. It could allow for much easier backup and copy of cards as well as moving new data to them. It could even lead to simple modifications to the CMA from icon changes towards homebrews and other exploits.

It will be interesting to see where this leads and what they’ll manage to do with the new data in their hands.

Thank you WOLOLO for providing us with this information.

Image courtesy of WOLOLO and Sony.