Nearly 443,000 e-mail addresses and passwords for a Yahoo site were exposed late Wednesday. The impact stretched beyond Yahoo because the site allowed users to log in with credentials from other sites -- which meant that user names and passwords for Yahoo (YHOO, Fortune 500), Google's (GOOG, Fortune 500) Gmail, Microsoft's (MSFT, Fortune 500) Hotmail, AOL (AOL) and many other e-mail hosts were among those posted publicly on a hacker forum.
What's shocking about the development isn't that usernames and passwords were stolen -- that happens virtually every day. The surprise is how easily outsiders cracked a service run by one of the biggest Web companies in the world. The group of seven hackers, who belong to a hacker collective called D33Ds Company, got into Yahoo's Contributor Network database by using a rudimentary attack called a SQL injection.
New Multi-Platform Web Exploit !!
The attack was detected on a compromised website in Colombia, When users visit the site, they are prompted to run a Java applet that hasn't been signed by a trusted certificate authority. If allowed to run, the applet checks which operating system is running on the user's computer -- Windows, Mac OS X or Linux -- and drops a malicious binary file for the corresponding platform. The files are detected by F-Secure as 'Backdoor:OSX/GetShell.A,' 'Backdoor:Linux/GetShell.A' and 'Backdoor:W32/GetShell.A
Subscribe to:
Posts (Atom)
