Russian Gang with Stolen IDs Hacks Hosting Company
By Jennifer LeClaire / CRM Daily
In August, a Russian cyber gang obtained what security researchers called “the largest cache of stolen data.” Now, those hackers may be putting pilfered passwords to criminal use.

Hold Security first offered details on the theft of 4.5 billion records, including 1.2 billion usernames and passwords that correlate to over half a billion e-mail addresses. Dubbed "CyberVor" -- vor means thief in Russian -- by Hold Security, the group apparently hacked more than 420,000 Web sites to get "such an impressive number of credentials."

“The CyberVors did not differentiate between small or large sites,” the firm explained in a blog post. “They didn’t just target large companies; instead, they targeted every site that their victims visited. With hundreds of thousands sites affected, the list includes many leaders in virtually all industries across the world, as well as a multitude of small or even personal Web sites.”

Hacker Strategy Exposed

Now, Namecheap, a domain name registration site, is reporting that hackers have started using the stolen list to try to access its user accounts. The company issued an “urgent security warning” in the form of a blog post on Monday.

According to Namecheap, its intrusion detection systems alerted the firm to a “much higher than normal load” against its login systems. When the company investigated the issue, IT learned the username and password data gathered from third-party sites was being used to try to access Namecheap accounts.

“The group behind this is using the stored usernames and passwords to simulate a Web browser login through fake browser software,” the firm reported. “This software simulates the actual login process a user would use if they are using Firefox/Safari/Chrome to access their Namecheap account. The hackers are going through their username/password list and trying each and every one to try and get into Namecheap user accounts.”

The Really Bad News

According to Namecheap, most of the login attempts failed because the data was outdated or incorrect. Nevertheless, the company is “aggressively blocking” the IP addresses it believes are logging in with the stolen password data.

Namecheap is also logging the IP addresses and plans to export blocking rules across its network to completely eliminate access to any of its systems or services. On top of all that, the company is handing over the files to law enforcement. Then came the bad news.

“While the vast majority of these logins are unsuccessful, some have been successful,” the company said. “To combat this, we’ve temporarily secured the Namecheap accounts that have been affected and are currently contacting customers involved requesting they improve the security for these accounts.”
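The response described above (spot sources cycling through a credential list, block them, and secure any account they did get into) can be sketched as a pass over login events. This is an added example, not Namecheap's code; the event format, sample data, and thresholds are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample events (not Namecheap data): (source_ip, username, login_succeeded)
SAMPLE_EVENTS = (
    [("203.0.113.7", f"user{i}", False) for i in range(40)]   # list being replayed
    + [("203.0.113.7", "alice", True)]                        # one stolen pair still valid
    + [("198.51.100.4", "bob", False), ("198.51.100.4", "bob", True)]  # typo, then success
    + [("192.0.2.9", "carol", True)]                          # ordinary login
)

def detect_stuffing(events, min_users=20, min_fail_ratio=0.9):
    """Flag IPs that try many distinct usernames with a high failure ratio.

    Thresholds are illustrative assumptions; tune them against your own baseline.
    Returns (flagged_ips, accounts_to_secure).
    """
    users = defaultdict(set)       # ip -> distinct usernames attempted
    attempts = defaultdict(int)    # ip -> total attempts
    failures = defaultdict(int)    # ip -> failed attempts
    successes = defaultdict(set)   # ip -> usernames that logged in successfully

    for ip, user, ok in events:
        users[ip].add(user)
        attempts[ip] += 1
        if ok:
            successes[ip].add(user)
        else:
            failures[ip] += 1

    flagged = {
        ip for ip in attempts
        if len(users[ip]) >= min_users
        and failures[ip] / attempts[ip] >= min_fail_ratio
    }
    # A success from a flagged IP means a reused password worked: secure that account.
    to_secure = set()
    for ip in flagged:
        to_secure |= successes[ip]
    return flagged, to_secure

if __name__ == "__main__":
    ips, accounts = detect_stuffing(SAMPLE_EVENTS)
    print("block:", sorted(ips))
    print("secure and notify:", sorted(accounts))
```

Per-IP counting misses a list spread thinly across many addresses, so the site-wide failed-login rate (the "much higher than normal load" signal) is worth tracking alongside it.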

Namecheap may be the first to report a hack but it may not be the last. We caught up with Gerry Grealish, CMO of cloud security software firm Perspecsys, to get his take on the issue. He told us at the core of data control is ensuring sensitive and regulated data is encrypted.

“If organizations can do this correctly, they will be the sole owner of encryption keys, so if someone without proper access to their data attempts to access it, the information will be rendered meaningless,” he said. “Alternatively, organizations can use a technique like tokenization, which ensures that all sensitive data remains locked in a secure database inside a firewall.”

© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.