Friday, 13 July 2012 08:13

nVidia Developer Zone and Android Forums Get Added To The List of Attacked Sites with Possible Data Theft

Written by

Reading time is around minutes.
News manstealingdata

We have two additional hacks to report this morning. The first was a little shocking as it has been learned that nVidia’s Developer Zone form was under attack. Although details of this attack are small it does appear that nVidia recognized that there was an attack on the forum and shut it down to prevent additional attack. However nVidia warns that the hashed passwords for the forum may have been accessed. Right now the forum is still down with only a canned message in its place warning users about the attack and advising them to change their passwords especially any passwords that might be identical across multiple sites.

The second breach that yielded more user passwords was on the Android Forums hosted. With this hack we have a little more detail as one of the community managers has posted that a server hosting the forum was compromised and the database for the forum was accessed. The surprisingly open comment from Phases, in this case, is unusual but very welcome from an online forum that play host to upwards of one million users.

Phases put it very clearly in this statement that we would like to see from other companies;

“The trust of our users is extremely important and several staff members worked through the afternoon, evening, night, and morning to ensure we're doing everything possible to regain complete security.”

The post then goes on to describe the facts in the breach, the potential reasons and how’s up to a point is… well they stopped short of actually detailing the methods used (not surprising). We wonder if this was another UNION SQL injection as that method is becoming popular across many sites (since it is yielding some good results). One of the smartest things that the Android Forums did (in addition to actually informing their users) was to secure the admin accounts quickly. It was once a popular technique to compromise an admin account on a forum and then use the internal engine to send spam out to all of the registered users of the forum. We have also seen those compromised accounts used to disable other parts of the forum and many other malicious items.

No matter how you slice it security for all online services needs to become a primary concern complete with proactive steps to protect user information. This is in contrast to many companies that look at security and updates as a secondary concern and react to the threats that are out there only when one happens. We are pretty sure from the tone of the Android Forums and many others that have been breached in the past few days that they will be giving security a little more attention moving forward than they have been. As of this writing no one has taken responsibility for either of these two breaches so it is possible that the attacks were not successful or did not yield enough data to warrant an announcement. Still we highly advise people to re-think their choices of passwords and to start using different passwords for different sites. This last one is probably the biggest issue with multiple online accounts as most people do not want to try and remember complex passwords for all of the places they visit online.
Discuss this in our Forum

Read 2889 times Last modified on Friday, 13 July 2012 10:10

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.