Ubuntu Forum Hacked; 1.8 Million Accounts Compromised

22 July 2013

On Saturday, Canonical – which looks after the Ubuntu Linux user forum – received reports of a site defacement. Within four minutes it had taken the Ubuntu Forums site off-line to investigate what turned out to be a full compromise of the forum's user database.

The defacement was only online for a few minutes, but long enough for it to be captured: a gun-toting penguin that seems to be saying the hack was performed by @Sputn1k. A message beneath the image states, "None of this 'y3w g0t haxd by albani4 c3bir 4rmy' stuff. Straight up, you dun goofed. It's as simple as that."

Sputn1k, however, is not very popular. "You must feel proud defacing a site by volunteers. They dedicate time and effort to make a free distro. Worst kind of 'hacker'" tweeted Alex. "This jerk took down the Ubuntu Forums, one of the most important resources on the web. Let's hope he gets what's coming to him" tweeted Kim Belding.

Sputn1k himself has just three tweets on his own account, the latest of which simply reads, "Sputn1k begging for mercy #lulz."

The message from Canonical replacing the defacement provides further information. The message is still there at the time of writing this report. "Unfortunately", it says, "the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database." It adds that the passwords "are not stored in plain text, they are stored as salted hashes."

It doesn't say how many passwords have been stolen. The Register comments, "a quick trip to the site through the wayback machine produces a page stating the site has 1,824,159 members, of whom 19,493 are classified as 'active.'"

That's a lot of passwords, and many of them will be weak or reused on other accounts. Salting defeats precomputed lookup tables and forces an attacker to work on each hash separately, but it does nothing to slow down a dictionary attack against a fast hash function, and Canonical's notice does not say which hash function was used. The weak passwords will therefore be cracked quickly, and wherever a cracked password is also used elsewhere, that other account is compromised too. "If you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP," warns Canonical.
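To make the point concrete, the following is an added example (it is not code from the article, from Canonical or from the forum software) of an offline dictionary attack against a leaked table of salted hashes. The usernames, passwords and wordlist are constructed for the example; salted SHA-256 is an assumption standing in for whatever fast hash the forum used, since the notice only says "salted hashes"; PBKDF2 is included as the contrast a slow key-derivation function provides. Per-user salts mean two users with the same password get different hashes and no precomputed table helps, yet every password in the wordlist still falls.

```python
import hashlib
import os
import time

# Constructed sample data for this example, not rows from the real breach.
# Usernames, passwords and the wordlist are all made up; the "strong"
# entry is there to show what a dictionary attack does not recover.
SAMPLE_USERS = [
    ("alice", "123456"),
    ("bob", "ubuntu"),
    ("carol", "correct horse battery staple"),  # not in the wordlist
    ("dave", "ubuntu"),                         # same password as bob
]

# A few entries of the kind of top-passwords list an attacker starts with.
WORDLIST = ["123456", "password", "ubuntu", "qwerty", "letmein", "linux123"]


def fast_salted_hash(password: str, salt: bytes) -> str:
    """Salted SHA-256.  Assumption: stands in for whatever fast hash the
    forum used; Canonical's notice only says 'salted hashes'."""
    return hashlib.sha256(salt + password.encode("utf-8")).hexdigest()


def slow_salted_hash(password: str, salt: bytes, iterations: int = 50_000) -> str:
    """PBKDF2-HMAC-SHA256: the same salt, plus a deliberate work factor that
    multiplies the cost of every single guess the attacker makes."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations).hex()


def build_leaked_table(users, hasher):
    """Simulate the stolen (username, salt, hash) rows.  Each user gets a
    fresh random salt, so bob and dave end up with different hashes even
    though they chose the same password."""
    table = []
    for username, password in users:
        salt = os.urandom(16)
        table.append((username, salt, hasher(password, salt)))
    return table


def dictionary_attack(table, wordlist, hasher):
    """Offline attack on the leaked rows: hash every candidate with the
    row's own salt and compare.  The salt means the work cannot be shared
    across rows or precomputed, but with a cheap hash that barely matters."""
    cracked = {}
    for username, salt, digest in table:
        for candidate in wordlist:
            if hasher(candidate, salt) == digest:
                cracked[username] = candidate
                break
    return cracked


def timed_attack(hasher):
    """Build a leaked table with `hasher`, attack it, and return
    (cracked_accounts, seconds_taken) so the two hashers can be compared."""
    table = build_leaked_table(SAMPLE_USERS, hasher)
    start = time.perf_counter()
    cracked = dictionary_attack(table, WORDLIST, hasher)
    return cracked, time.perf_counter() - start


if __name__ == "__main__":
    for name, hasher in (("fast salted SHA-256", fast_salted_hash),
                         ("PBKDF2, 50k iterations", slow_salted_hash)):
        cracked, secs = timed_attack(hasher)
        survived = sorted(u for u, _ in SAMPLE_USERS if u not in cracked)
        print(f"{name}: cracked {sorted(cracked)} in {secs:.4f}s; survived: {survived}")
```

Both runs recover alice, bob and dave and leave carol alone; the only difference is the time per guess, which is exactly the lever a slow KDF (PBKDF2, bcrypt, scrypt) gives the defender. A real attacker would use hashcat or John the Ripper on GPUs with wordlists of hundreds of millions of entries rather than six, which is why the salt alone does not rescue a weak password, and why the only protection for a reused password is changing it everywhere it was used.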

But even without cracking the passwords, Graham Cluley sees another threat. The attackers have the email addresses of users known to have an interest in Ubuntu. Enough for a spam campaign, but "perhaps even launching a carefully-crafted attack designed to pique the interest of Ubuntu lovers." Victims of this hack should therefore also beware of Ubuntu-based phishing attacks.
