
LinkedIn hacked?

Status
Not open for further replies.

katherine

Country hopper
Legacy Exclusive Member
Joined
Jul 9, 2005
Messages
8,428
Reaction score
1,290
6 million SHA1 password hashes are now in the open.
 

Biggie

DNForum Moderator
Legacy Exclusive Member
Joined
Sep 4, 2002
Messages
15,007
Reaction score
2,215
I have no account there, but what could be gained from hack'n them... just to say it could be done?
 

dnfuser1234567

Level 3
Legacy Platinum Member
Joined
May 27, 2011
Messages
75
Reaction score
3
Thanks for the post. I ran out and changed my password and confirmed that there was a breach. Identity theft and loads of other stuff are what can be gained. There are people/companies that will pay big money for the information that could be gathered from these accounts.
 

Theo

Account Terminated
Joined
Feb 28, 2004
Messages
30,317
Reaction score
2,217
Thanks for the heads up. The sad part is, I thought the email to change my password was spam.
 

katherine

Country hopper
Legacy Exclusive Member
Joined
Jul 9, 2005
Messages
8,428
Reaction score
1,290
I have no account there, but what could be gained from hack'n them... just to say it could be done?
The LinkedIn DB must contain a lot of personal information so it's sensitive and acquisition of the data can facilitate identity theft for example.

The problem is that people tend to use the same passwords for different sites, even their E-mail.
Imagine the damage that can be done if your E-mail is compromised :upset:

In this case the passwords were hashed but not salted, so the non-complex passwords can be derived quite quickly. The user names are not available at this time but the hackers must have more than just the hashed passwords.
Every breach is a reminder to use hard to guess passwords (with special characters too) and not to reuse them :yes:
 
Last edited:
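Why the missing salt matters, as an added example that is not part of the thread: with unsalted SHA-1, equal passwords give equal stored values, so one computed digest matches every account using that password, while a per-user salt with a slow KDF removes that. The account names and passwords are constructed, and the PBKDF2 storage format and iteration count are assumptions.

```python
import hashlib
import hmac
import os
from collections import defaultdict

# Constructed sample accounts (not from the leak): two users share a password.
ACCOUNTS = {"alice": "linkedin1", "bob": "linkedin1", "carol": "T7#vq!Lm92xE"}

def unsalted_sha1(password: str) -> str:
    """The scheme described in the post: SHA-1 of the password, no salt."""
    return hashlib.sha1(password.encode()).hexdigest()

def shared_digests(table: dict) -> dict:
    """Group users by stored value; a group larger than one exposes reuse."""
    groups = defaultdict(list)
    for user, stored in table.items():
        groups[stored].append(user)
    return {d: sorted(u) for d, u in groups.items() if len(u) > 1}

def hash_password(password: str, iterations: int = 600_000) -> str:
    """Per-user random salt plus a deliberately slow KDF (PBKDF2-HMAC-SHA256)."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)

if __name__ == "__main__":
    unsalted = {u: unsalted_sha1(p) for u, p in ACCOUNTS.items()}
    salted = {u: hash_password(p) for u, p in ACCOUNTS.items()}
    print("unsalted, users sharing a digest:", list(shared_digests(unsalted).values()))
    print("salted, users sharing a digest:  ", list(shared_digests(salted).values()))
    print("alice verifies:", verify_password("linkedin1", salted["alice"]))
```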

draggar

þórr mjǫlnir
Legacy Exclusive Member
Joined
Dec 26, 2007
Messages
7,357
Reaction score
223
I have no account there, but what could be gained from hack'n them... just to say it could be done?

What's the point of the dozens to thousands of hack attempts on my sites (brute force admin login attempts)? Seriously, what, they're going to change the content?

Luckily, LinkedIn was one site that used an older password system for me.
 

katherine

Country hopper
Legacy Exclusive Member
Joined
Jul 9, 2005
Messages
8,428
Reaction score
1,290
What's the point of the dozens to thousands of hack attempts on my sites (brute force admin login attempts)? Seriously, what, they're going to change the content?
In general, it's bored and untalented script kiddies scanning IP addresses at random, with no particular target in sight. Then they will exploit the first vulnerable server. Perhaps they will use it to host illegal contents, send spam, or mount further attacks on third parties and cover their tracks. Or they will just boast about their hacker skills on some forum :cool:
It's often just about ego and gratification.
 

draggar

þórr mjǫlnir
Legacy Exclusive Member
Joined
Dec 26, 2007
Messages
7,357
Reaction score
223
In general, it's bored and untalented script kiddies scanning IP addresses at random, with no particular target in sight. Then they will exploit the first vulnerable server. Perhaps they will use it to host illegal contents, send spam, or mount further attacks on third parties and cover their tracks. Or they will just boast about their hacker skills on some forum :cool:
It's often just about ego and gratification.

No, this is just people trying to log into the admin panel on WordPress sites (one site was getting a brute force this morning while I left for work).

You really can't do anything if you do log in other than change content. Yeah, maybe to post spam but that's about it.

As for untalented script kiddies, you forgot immature, too. ;)
 

Stian

www.bitweb.no
Legacy Exclusive Member
Joined
Jan 19, 2007
Messages
7,608
Reaction score
292
No, this is just people trying to log into the admin panel on WordPress sites (one site was getting a brute force this morning while I left for work).

Grab a free plugin called 'Limit Login Attempts' and WordPress will block any IP that fails login x amount of times (as opposed to WP's unlimited login attempts, which opens up for bruteforcing).

It will still be possible to attack using multiple proxies, but most of those exploitation bots are dumb and you should be able to filter out most/all of the bf attempts with this plugin. :)
 

draggar

þórr mjǫlnir
Legacy Exclusive Member
Joined
Dec 26, 2007
Messages
7,357
Reaction score
223
Already got that - they just wait out the lockout period and try it again.

Every WP site of mine gets about 10-15 a day but some sites (political mainly) can get hundreds a day. Oddly, recently one site (informational, non political, and hasn't been updated in a while) got about 15,000 the other day. Yeah, Outlook loved getting all those logs in! I guess I missed that one - it got installed.
 

Stian

www.bitweb.no
Legacy Exclusive Member
Joined
Jan 19, 2007
Messages
7,608
Reaction score
292
Already got that - they just wait out the lockout period and try it again.

Every WP site of mine gets about 10-15 a day but some sites (political mainly) can get hundreds a day. Oddly, recently one site (informational, non political, and hasn't been updated in a while) got about 15,000 the other day. Yeah, Outlook loved getting all those logs in! I guess I missed that one - it got installed.

Hmm weird.. I don't have a lot of WP sites, but the two I've got haven't had any attempts yet that I'm aware of. They're not exactly high traffic yet, so that might explain why they're not a target. You could really set the lockout time to several days, then it's basically impossible to bruteforce the site (it may take months/years, but you will change the password in between so it's no use). :)
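The lockout trade-off discussed in the last few posts, as an added example that is not part of the thread and is not the plugin's code: a per-IP throttle measured against a client that waits out every lockout, comparing a flat 20-minute lockout with one that escalates to several days. All parameter names and values are hypothetical, and the IP address is a constructed documentation address.

```python
from dataclasses import dataclass, field

@dataclass
class LoginThrottle:
    """Per-IP lockout with escalation; parameter names are hypothetical."""
    max_retries: int = 4             # failed logins before a lockout
    lockout_s: int = 20 * 60         # length of an ordinary lockout
    escalate_after: int = 3          # lockouts before the long one applies
    long_lockout_s: int = 3 * 86400  # "several days"
    _fails: dict = field(default_factory=dict)
    _lockouts: dict = field(default_factory=dict)
    _until: dict = field(default_factory=dict)

    def allowed(self, ip: str, now: int) -> bool:
        return now >= self._until.get(ip, 0)

    def record_failure(self, ip: str, now: int) -> int:
        """Count a failed login; return seconds locked out (0 if none)."""
        self._fails[ip] = self._fails.get(ip, 0) + 1
        if self._fails[ip] < self.max_retries:
            return 0
        self._fails[ip] = 0
        self._lockouts[ip] = self._lockouts.get(ip, 0) + 1
        escalated = self._lockouts[ip] >= self.escalate_after
        duration = self.long_lockout_s if escalated else self.lockout_s
        self._until[ip] = now + duration
        return duration

def guesses_in_window(throttle, ip: str, window_s: int, step_s: int = 60) -> int:
    """Failed logins accepted from a client retrying every step_s seconds."""
    guesses = 0
    for now in range(0, window_s, step_s):
        if throttle.allowed(ip, now):
            throttle.record_failure(ip, now)
            guesses += 1
    return guesses

if __name__ == "__main__":
    month = 30 * 86400
    flat = LoginThrottle(escalate_after=10**9)  # never escalates
    print("flat 20 min lockout:", guesses_in_window(flat, "203.0.113.7", month))
    print("escalating to 3 days:", guesses_in_window(LoginThrottle(), "203.0.113.7", month))
```

Over 30 days the flat policy still accepts thousands of guesses from one address, while the escalating one accepts a few dozen; neither limits a client that rotates addresses, as the earlier post about proxies notes.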
 

Stian

www.bitweb.no
Legacy Exclusive Member
Joined
Jan 19, 2007
Messages
7,608
Reaction score
292
The site that had 15,000 attempts gets fewer than 30 visitors a month - highest ever was 50. :D I guess they think it is abandoned and can change the content and no one will notice?

Wow!

Yeah, or use it for malware hosting etc. Do you keep WP and all plugins updated?
 

draggar

þórr mjǫlnir
Legacy Exclusive Member
Joined
Dec 26, 2007
Messages
7,357
Reaction score
223
I try to - whenever I log into the admin panel I check and update anything and everything that needs it. I'm just chalking it up to major a-holes. :)

Plus, what's the worst they'll do? If they crash the entire site I'll know and have the site wiped and restored within 24 hours.
 

Stian

www.bitweb.no
Legacy Exclusive Member
Joined
Jan 19, 2007
Messages
7,608
Reaction score
292
I try to - whenever I log into the admin panel I check and update anything and everything that needs it. I'm just chalking it up to major a-holes. :)

Plus, what's the worst they'll do? If they crash the entire site I'll know and have the site wiped and restored within 24 hours.

True, they can't do too much. :)
 

vital

FF
Legacy Exclusive Member
Joined
Jan 12, 2011
Messages
682
Reaction score
40
We are currently investigating the leak of some Last.fm user passwords. This follows recent password leaks on other sites, as well as information posted online. As a precautionary measure, we're asking all our users to change their passwords immediately.
Please log in to Last.fm and change your password on your settings page.

hmmm, they just leak and leak... :asleep:
 