Social Engineering Blogs

An Aggregator for Blogs About Social Engineering and Related Fields

Hacker Steals User Data from Epic Games Forums

The usernames and email addresses of over 800,000 Epic Forums users were stolen by a hacker. According to Leakedsource.com, the attack happened on August 11. The hacker obtained the data by exploiting “a known SQL injection vulnerability found in an older vBulletin forum software, which allowed the hacker to get access to the full database” (ZDNet). In addition to the usernames and email addresses, the database contains scrambled passwords, IP addresses, birth dates, and activity such as posts, comments and private messages. Access tokens for Facebook were also breached. Epic Games has stated that the scrambled passwords will not be not easily crackable.

An Epic Games Spokesperson says that passwords do not need to be changed for the Unreal Engine and Unreal Tournament forum but a “compromise of our legacy forums covering Infinity Blade, UDK, previous Unreal Tournament games, and archived Gears of War forums revealed email addresses, salted hashed passwords and other data entered into the forums. If you have been active on these forums since July 2015, we recommend you change your password on any site where you use the same password.”

Epic’s Forums were also hacked last year.

The post Hacker Steals User Data from Epic Games Forums appeared first on Social Hax.

A Seized Silk Road Wallet is Moving Bitcoin to the NSA Hackers

Last week, a group called the “Shadow Brokers” claimed to have hacked the NSA – stealing their code, exploits and spy tools. They leaked bits of information on GitHub and claimed the information was stolen from the Equation Group, a group who most believe is a computer surveillance wing of the NSA. The Shadow Brokers says they will auction off the data to the highest bidder. Leaks from Edward Snowden have demonstrated that this hack is legit. (The Register) Security experts believe that the hacker group is Russian.

Now it appears that there are some Bitcoin moving from a seized Silk Road wallet to the Shadow Broker’s auction. This leads some experts to believe that “the US government is potentially bidding to prevent stolen NSA exploits and tools from ending up in the wrong hands”. It could also mean that the government might be making an attempt to trace where the Bitcoins are going. Additionally, it must be noted that the co-founder of a major Bitcoin investigation company says that payments are also going in the other direction. This could simply indicate that spam is being sent in very small payments to famous addresses. (ZDNet)

So far, the Shadow Brokers have collected around $1000 in Bitcoin payments – a far cry from the 1 million Bitcoins they have demanded (which would be worth just over a half a billion $USD at the time of this writing). The U.S. government seized several thousand Bitcoin when shutting down Silk Road, so this may be their source of funds when dealing with the Shadow Broker hackers.

Learn more about the Shadow Brokers hack of the NSA here:

The post A Seized Silk Road Wallet is Moving Bitcoin to the NSA Hackers appeared first on Social Hax.

NSA Hoards Zero Days; Doesn’t Disclose Them all to Vendors

The NSA does not always disclose the zero day vulnerabilities it finds to unprotected vendors. Some security flaws are kept secret “when they can be used to serve a clear national security or law enforcement need” (Wired).

The US National Security Agency (NSA) was hacked by a suspected Russian hacker group and many of their exploits and hacking tools were archived. Leaked information was made public that showed the NSA collects exploits and does not always disclose them to vulnerable vendors. When vulnerabilities are not disclosed, problems do not get fixed. The NSA appears to operate “on the premise that secrets will never get out. That no one will ever discover the same bug. That no one will ever use the same bug. That there will never be a leak” (Business Insider).

Unfortunately, as we are currently witnessing with this recent leak, other types of hackers are able to find the same bugs and those hackers could have more malicious intent than the NSA. When hackers obtain a trove of U.S. secrets, that could put the government and corporations worldwide in a susceptible position. For example, the leaked data includes information on breaching popular commercial firewalls. Emergency service providers, governments, financial systems and many businesses all rely on these firewall technologies.

Global networking company, Cisco Systems, confirmed last week that the NSA exploited an undetected severe vulnerability that allows remote attackers “who have already gained a foothold in a targeted network to gain full control over a firewall” (Ars Technica). The NSA knew about this vulnerability since 2013 and did nothing to stop it. Now that the data is leaked, Cisco fears that the information “could be used to breach its Adaptive Security Appliance (ASA) software used in its firewalls. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system”. It can be argued that these exploits would have been patched had the NSA disclosed the vulnerabilities instead of collecting them for their own use.

(Watch – Snowden discusses NSA hack, Cisco to cut 5,500 jobs, NASA preps an asteroid rocket):

The post NSA Hoards Zero Days; Doesn’t Disclose Them all to Vendors appeared first on Social Hax.