
Have I Been Pwnd

Prso9

Well-Known Member
I signed up to the Have I been pwnd website and received an alert email today advising that I have.........

Breach: Android Forums

Date of breach: 30 Oct 2011
 
Why does this forum not use an encrypted connection? This site was hacked with user ID stolen.

http://www.pcworld.com/article/259201/online_android_forum_hacked_user_data_accessed.html

Android Forums, an online forum for Android users, was the target of a hacker attack which could have led to user information including passwords getting compromised, its operator Phandroid.com said on Thursday.

Members of Android Forums have been asked to change their passwords ever since Tuesday, after it was found that the server hosting the forum was compromised and the website's database was accessed. The forum has over 1 million users.

"The user table of AndroidForum's database was (at a minimum) accessed," an Android Forums Community Manager, called Phases, said in a post on the website on Tuesday. He said it was completely possible that data was downloaded, and the forum has taken action assuming that it was.

Information in the user database included information such as unique IDs, usernames, emails, hashed and 'salted' passwords, and registration IP addresses, according to the post. A hash is a cryptographic representation of a password, and salted hashes involve inserting random characters into the hash.

Following the incident, passwords were changed to random strings, starting with those of about 100 staff. All code in the database and the file system was also reviewed for malicious edits and uploads, and it was checked that other sites on the network were not accessed.

The hack was most likely an email harvesting attempt, the community manager said. "A spammer could theoretically attempt to bulk e-mail all AF users with the user database," he added.

Users have been advised to change their password on Android Forums and other sites where they may use the same username and password. "This can be done while logged in through your UserCP, or using the "forgot your password?" page if logged out," according to the post.

"It seems like online security breaches are, unfortunately, just a sign of our times," Phandroid said referring to the hacks reported during the week at Yahoo and Formspring. It also said it was looking for a penetration tester that can help it with an audit.

A group of hackers published on the Internet on Thursday a list of over 453,000 log-in credentials that were allegedly stolen from a database associated with an unnamed Yahoo service.
 
I moved this to the Suggestion Box where @Phases will see it. As far as using an encrypted connection, I'm all for it. I don't know the details of when this happened a few years ago, but I was affected like everyone else.:(
 
I don't see the point of making a big stink about something that is 4 years old.
Well, there is still the question of using HTTPS, though I'm not sure on the particulars on whether that would have prevented the breach back in the day.

Also, similar topics merged. Three people brought this up today after a couple years, is there something going on we should be aware of?
 
Android Forums pwned? I got the same message. (note spelling is pwned so shows up in search results) Came here to find out more. As people check email there will probably be more. I didn't notice the date was 4 years ago. Maybe the list just showed up on some hacker site. I did notice more junk mail has started showing up this week so I wondered if my email had been released. Changing my pw. Hope site admins will address and force everyone to reset pw.
 
Guys, this is very old news and was discussed at length at the time. We did in fact inform members, we were very open about this. It was a hot topic with notices and red text on the home page and every other page for a couple of weeks. Our site owner weighed in as well.

http://androidforums.com/threads/important-notice-security-breach.580371/

http://phandroid.com/2012/07/12/and...nge-your-passwords-penetration-tester-wanted/

We also reviewed code, found the issue, patched it, and hardened further. I will also note that most of the emails that were possibly taken were spam accounts (as this happened before our big spam account purge), and that four years later nothing malicious has occurred or mass emails gone out that has been brought to our attention or have supported the possible theft of data.

As to why this email is suddenly going out from whatever group is sending it I don't know, but we are happy to delete accounts that request it, and I will process those that we have got overnight sometime today. I got no such email, none of our staff did that I know of, so I'm curious about this. We were members at the time this happened too. Why did we not get a notification? Is it a service you sign up for and just pick websites that they then troll the news for or..? I have several test accounts that aren't obviously me either, going to various email addresses I control.

email text:
You've been pwned!

You signed up for notifications when your account was pwned in a data breach and unfortunately, it's happened. Here's what's known about the breach:

Breach: Android Forums
Date of breach: 30 Oct 2011
Number of accounts: 745,355
Compromised data: Dates of birth, Email addresses, Homepage URLs, Instant messenger identities, IP addresses, Passwords
Description: In October 2011, the Android Forums website was hacked and 745k user accounts were subsequently leaked publicly. The compromised data included email addresses, user birth dates and passwords stored as a salted MD5 hash

As for https, yes we have requested and recommended this and passed that recommendation up - but that is all we/I have the power to do. That wouldn't have stopped this particular breach or provided any benefit to members in relation to it at the time, if I remember correctly, but yes of course I agree it is a good idea for ANY site to do, especially larger ones.


Thanks,
 
I did not get a spam email on the topic, all I saw was for some reason, I have a "subscription" turned on for a forum somewhere on here.... that I need to go find and turn off... and that subscription generated an email from this forum.

So, no foul/fowl? :) play for me.
 