jimmyLi's blog

Have you had to change your login information in a paranoid fever after discovering that a major online service provider has been hacked in the last few weeks? Well, if you have a Yahoo! account, you might have some worrying to do. A hacker group called D33DS Company has apparently dumped 453,492 usernames and passwords obtained in plaintext from a Yahoo! service. Ars Technica is reporting that usernames and passwords allegedly from Yahoo! were posted online by the D33DS Company group. Other sources indicate that the user information was specifically from the Yahoo! Voice service, formally known as Associated Content. Apparently, the hackers were able to obtain the plaintext list of passwords and usernames using a MySQL injection attack. Ars explains the methodology behind the attack thusly: The hacking technique preys on poorly secured web applications that don’t properly scrutinize text entered into search boxes and other user input fields. By injecting powerful ...

At the time of writ­ing these web­sites are still defaced, with a black page writ­ten “Turkgu­ven­Ligi” and “ 4 Sept. We TurkGu­ven­ligi declare this day as World Hack­ers Day - Have fun ;) h 4 ck y 0 u”. What do ups​.com, voda​fone​.com, thereg​is​ter​.co​.uk, acer​.com, bet​fair​.com, nation​al​geo​graphic​.com and tele​graph​.co​.uk have in com­mon? They all use Net­Names as their reg­is­trar. It appears that the turk­ish attack­ers man­aged to hack into the DNS panel of Net­Names using an SQL injec­tion and mod­ify the con­fig­u­ra­tion of arbi­trary sites, to use their own DNS (ns 1 ​.yumur​tak​abugu​.com and ns 2 ​.yumur​tak​abugu​.com) and redi­rect those web­sites to a defaced page. In the past, Turkgu​ven​Ligi​.info defaced secu​nia​.com, HSBC Korea and the reg­istry Directi with this method. You can browse the list of their attacks here: http://​www​.zone​-​h​.org/​a​r​c​h​i​v​e​/​n​o​t​i​f​i​e​r​=​t​u​r​k​g​u​v​e​n​l​i...