• Tag Archives Hacker News
  • Snapchat Hacker Threatens to Leaked thousands of Nude Celebriti Images

     

    The waves of celebrities nude photos have not yet stopped completely, and a new privacy threat has emerged exposing tens of thousands of private photographs and videos of innocent users are circulating over the Internet.

    The personal image that are believed to be sent through Snapchat — the ephemeral messaging service that allows users to send pictures that should disappear after a few seconds — has been floating on the image based 4chan’s notorious /b/ board since last night. The incident was result of a security breach in an unofficial third-party app for Snapchat.

    Earlier this week, an anonymous 4chan user claimed to have obtained images on Snapchat and then the user warned of releasing thousands of nude videos and images sent using Snapchat soon in an event dubbed ‘The Snappening’.

    Previously, It was believed that the official SnapChat mobile app or its servers had been hacked by the hackers, and the third-party Snapchat client app has been collecting every photo and video file sent through the messaging service for years, giving hackers access to a 13GB private Snapchat files.

    But Snapchat has denied that its service was ever compromised. Earlier today, Snapchat issued a statement about the “Snappening” and blamed its consumers for using unofficial and unauthorized third-party apps.

    “We can confirm that Snapchat’s servers were never breached and were not the source of these leaks,’ a Snapchat representative said in a statement. “Snapchatters were victimised by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our Terms of Use precisely because they compromise our users’ security. We vigilantly monitor the App Store and Google Play for illegal third-party apps and have succeeded in getting many of these removed.“

    The most worrying part for the users is that Snapchat was right. The personal data is supposed to be obtained from a website called SnapSaved.com — an external app used by a number of Snapchatters in order to save Snapchat photos without the sender knowing — which has been inactive for the past few months and is apparently independent of the official Snapchat service.

    However, Business Insider has pointed to SnapSaved.com, a site which is no longer functional, and the SnapSave app as potential sources of the leak. Meanwhile, an assortment of photos has been traced back to SnapchatLeaked.com — site also posted personal and nude photos of Snapchat users, indicating that the photos could have been circulating for months.

    “The Snappening” is named in reference to the recent celebrity nude photos leak that was called “The Fappening.” The incident comes just weeks after thousands of celebrity nude images were leaked online through 4chan website, following a hack of Apple’s iCloud.

    Snapchat was first hacked in December 2013 when 4.6 million Snapchat users were exposed in a database breach. Later, the denial-of-service attack and CAPTCHA Security bypass The most worrying part for the users is that Snapchat was right. The personal data is supposed to be obtained from a website called SnapSaved.com — an external app used by a number of Snapchatters in order to save Snapchat photos without the sender knowing — which has been inactive for the past few months and is apparently independent of the official Snapchat service.

    However, Business Insider has pointed to SnapSaved.com, a site which is no longer functional, and the SnapSave app as potential sources of the leak. Meanwhile, an assortment of photos has been traced back to SnapchatLeaked.com — site also posted personal and nude photos of Snapchat users, indicating that the photos could have been circulating for months.

    “The Snappening” is named in reference to the recent celebrity nude photos leak that was called “The Fappening.” The incident comes just weeks after thousands of celebrity nude images were leaked online through 4chan website, following a hack of Apple’s iCloud.

    Snapchat was first hacked in December 2013 when 4.6 million Snapchat users were exposed in a database breach. Later, the denial-of-service attack and CAPTCHA Security bypass vulnerabilities were discovered by the researchers at the beginning of this year.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Hackers behind TARGET data breach are looking for crackers to decrypt Credit card PINs

    I think you haven’t forgotten the massive data breach occurred at TARGET, the third-largest U.S. Retailer during last Christmas Holidays. People shop during Black Friday sales in which over 40 million Credit & Debit cards were stolen, used to pay for purchases at its 1500 stores nationwide in the U.S.

    TARGET officially confirmed that the encrypted PINs (personal identification numbers) of payment cards were stolen in the breach, since the stolen pin data were in encrypted form so they were confident that the information was “Safe and Secure”, because PIN cannot be decrypted without the right key.

    The Breach was caused by a malware attack, that allowed the criminals to manipulate Point of Sale (PoS) systems without raising red flags and the card numbers compromised in the breach are now flooding underground forums for sale.

    Possibly a group of Eastern European cyber criminals who specializes in attacks on merchants and Point-of-Sale terminals either attached a physical device to the PoS system to collect card data or they infected the PoS system with malware which sniffed the card data as it passes through a PoS system.

    However, the hackers have all 40 Million payment card details, but the PINs are encrypted with Triple-DES (Data Encryption Standard), which is a highly secure encryption standard used broadly throughout the U.S.

    Recently, The Cyber Intelligence firm IntelCrawler noticed that a group of individuals are discussing in underground hacking forums, attempting to decrypt a 50GB dump of Triple DES (3DES) encrypted PIN numbers believed that it belongs to TARGET breach. They asked for a ‘pro hacker’ to decrypt the information at a fee of $10 per line.

    IntelCrawler also claims that cracking the Triple-DES may be a slow process, but not impossible and vulnerable to brute-force attack using cracking tools i.e. John the Ripper.

    Security researcher, Robert Graham writes a blog post, suggested that hackers can get PINs without decrypting them, because two identical PINs decrypt to the same value.

    For example, let’s say that the hacker shopped at Target before stealing the database. The hacker’s own debit card information will be in the system. Let’s say the hacker’s PIN was 8473. Let’s say that these encrypts to 98hasdHOUa. The hacker now knows that everyone with the encrypted PIN of “98hasdHOUa” has the same pin number as him/her, or “8473”. Since there is only 10,000 combination of PIN numbers, the hacker has now cracked 1000 PIN numbers out of 10 million debit cards stolen. He recommended that TARGET should at least salt the encryption, to make it more difficult for crackers.

    ONLINE COMPUTER REPAIR SERVICES AND NEWS AT

    www.ccrepairservices.com