SO WHAT?

Computer Shopper - - RANTS & RAVES -

WHITE HAT OR

black hat, you are prob­a­bly best ad­vised not to deal with OurMine. Most of its vic­tims claim to have wres­tled con­trol of their ac­counts un­der their own steam, and tes­ti­mo­ni­als from cus­tomers are thin on the ground.

Cus­tomers pay $30 via PayPal for a full scan of their per­sonal ac­counts, while busi­nesses must con­tact the firm to dis­cuss terms. Even the news sec­tion of the se­cu­rity out­fit’s web­site cel­e­brates the ‘hacks’ car­ried out. There you can see posts about “The biggest hack in YouTube his­tory”, and the story be­hind how Mark Zucker­berg came to be hacked twice. It ap­pears the man be­hind Face­book finds it hard to choose a se­cure pass­word.

“To­day our team reached Mark Zucker­berg ac­counts again… how did we hack him again? We have our pri­vate meth­ods… and no it’s not us­ing leaked data­bases,” crows OurMine.

“His pass­word pre­vi­ously was dadada, and we told him to pro­tect his ac­counts, but un­for­tu­nately he didn’t lis­ten and he used easy pass­word again, but at least he en­abled 2-step ver­i­fi­ca­tion on his Twit­ter, but his pass­word now is dr1nkbur.”

If Mark Zucker­berg has any sense, that is no longer his pass­word, so it seems the un­ortho­dox meth­ods used by the group do have some merit when it comes to best prac­tice be­hav­iour.

Se­cu­rity ex­pert Gra­ham Clu­ley re­cently said that the group’s at­tacks should serve as a les­son to ev­ery­one. He ex­plained that the hacks can be mis­chievous, but of­fer a pow­er­ful mes­sage about on­line providers and how they pro­tect their users.

“The OurMine hack­ing gang have turned their at­ten­tion from HBO and Sony to break into FC Barcelona’s so­cial me­dia ac­counts to an­nounce that for­mer Real Madrid player Án­gel Di María had been signed-up for the team. FC Barcelona and Real Madrid are bit­ter ri­vals, so news that a player is switch­ing al­le­giances from one side to an­other is likely to get fans fum­ing,” he said.

“FC Barcelona may want to look again at its de­fence, be­cause it is clearly lack­ing when it comes to pro­tect­ing its so­cial me­dia ac­counts. That means not only train­ing staff in pass­word best prac­tice, but also the se­cu­rity ben­e­fits of en­abling two-step ver­i­fi­ca­tion or two-fac­tor au­then­ti­ca­tion.”

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.