HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 8 MINUTES AGO.
You are here: Home / Network Security / Russian Gang Hacks Hosting Firm
Russian Gang with Stolen IDs Hacks Hosting Company
Russian Gang with Stolen IDs Hacks Hosting Company
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
SEPTEMBER
02
2014
In August, a Russian cyber gang obtained what security researchers called “the largest cache of stolen data." Now, those hackers may be putting pilfered passwords to criminal use.

Hold Security first offered details on the theft of 4.5 billion records, including 1.2 billion usernames and passwords that correlate to over half a billion e-mail addresses. Dubbed "CyberVor" -- vor means thief in Russian -- by Hold Security, the group apparently hacked more than 420,000 Web sites to get "such an impressive number of credentials."

“The CyberVors did not differentiate between small or large sites,” the firm explained in a blog post. “They didn’t just target large companies; instead, they targeted every site that their victims visited. With hundreds of thousands sites affected, the list includes many leaders in virtually all industries across the world, as well as a multitude of small or even personal Web sites."

Hacker Strategy Exposed

Now, Namecheap, a domain name registration site, is reporting that hackers have started using the stolen list to try to access its user accounts. The company issued an “urgent security warning” in the form of a blog post on Monday.

According to Namecheap, its intrusion detection systems alerted the firm to a “much higher than normal load” against its login systems. When the company investigated the issue, IT learned the username and password data gathered from third-party sites was being used to try to access Namecheap accounts.

“The group behind this is using the stored usernames and passwords to simulate a Web browser login through fake browser software,” the firm reported. “This software simulates the actual login process a user would use if they are using Firefox/Safari/Chrome to access their Namecheap account. The hackers are going through their username/password list and trying each and every one to try and get into Namecheap user accounts.”

The Really Bad News

According to Namecheap, most of the login attempts failed because the data was outdated or incorrect. Nevertheless, the company is “aggressively blocking” the IP addresses it believes are logging in with the stolen password data.

Namecheap is also logging the IP addresses and plans to export blocking rules across its network to completely eliminate access to any of its systems or services. On top of all that, the company is handing over the files to law enforcement. Then came the bad news.

“While the vast majority of these logins are unsuccessful, some have been successful,” the company said. “To combat this, we’ve temporarily secured the Namecheap accounts that have been affected and are currently contacting customers involved requesting they improve the security for these accounts.”

Namecheap may be the first to report a hack but it may not be the last. We caught up with Gerry Grealish, CMO of cloud security software firm Perspecsys, to get his take on the issue. He told us at the core of data control is ensuring sensitive and regulated data is encrypted.

“If organizations can do this correctly, they will be the sole owner of encryption keys, so if someone without proper access to their data attempts to access it, the information will be rendered meaningless,” he said. “Alternatively, organizations can use a technique like tokenization, which ensures that all sensitive data remains locked in a secure database inside a firewall.”

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.