Hackers publish stolen PayPal login credentials
Posted on 28 June 2011.
LulzSec has been assimilated back into Anonymous, but their AntiSec campaign keeps going.

It seems that their final wish has been granted for now, and other hacking groups continued the work they have started.

If you take a look at the AnonymousIRC Twitter feed, you can see a number of links offering data dumps from Anguilla, Brazil, Zimbabwe and Australian government servers and a couple of links to "wild leaks". Among all of them is a link to Pastebin posts containing more than 150 MySpace and fifty PayPal login credentials.

SC Magazine Australia reports that they have contacted the group behind those data dumps and that they claim they have harvested that information by sniffing it out from insecure wireless networks set up in US restaurants and stores.

The group calls itself D3V29, and they say that they manage to do this by using a sniffer software they built themselves. But Lucian Constantin points out that it is doubtful they gathered the credentials in this way - especially when it comes to PayPal credentials.

"There is one problem with this theory though PayPal uses HTTPS for login, and so do most modern websites. This ensures that passwords are not transmitted in plaintext form," he says. "It is more likely that these hackers used phishing or a trojan to steal the login credentials than a WiFi-based attack."

The group has confirmed that their action was a way to join the Operation AntiSec. In the meantime, their Twitter feed has been downed and they have been asking for Bitcoin donations. Somehow it doesn't strike me as an auspicious beginning.






Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //