InfoArmor: Yahoo Data Breach Wasn't Sponsored by Foreign Governments

Posted: September 22, 2016

A Security Firm Concludes That Yahoo Is Pointing Its Finger in the Wrong Direction

There have been quite a few data breaches recently, and it would appear that it's trendy to blame them all on foreign governments. When the Democratic National Committee was hacked, for example, Hillary Clinton and her supporters said that Russia was responsible for the theft of volumes of sensitive information. More recently, when Yahoo announced that it had become the victim of what is described by many as the biggest breach of all time, it too went with the 'the attack was state-sponsored' scenario. Certain people reckon that the two hacks are not necessarily linked to foreign governments.

Donald Trump, for example, said during the first presidential debate that the DNC hack might have been done by a rogue threat actor that weighs 400 pounds. InfoArmor researchers decided not to comment on the perpetrators' body weight, but they did say that according to them, the attack on Yahoo wasn't state-sponsored, either. Unlike Mr. Trump, they did a proper investigation before making assumptions.

According to InfoArmor's research, Yahoo's mega breach was first mentioned in the underground forums back in August, when a hacker nicknamed Peace_of_Mind tried to sell a data dump of what he said were the usernames and passwords for over 200 million Yahoo accounts. After examining the data, InfoArmor saw that Peace_of_Mind's advertising was a bit off. The dump did contain a few correct login credentials (which were most likely the result of people re-using their passwords), but the majority of usernames and passphrases came from other, unrelated data breaches.

Peace_of_Mind didn't steal any information from Yahoo. The hackers that did initially planned to use him, as well as another bad actor called tessa88, as proxies who would ensure anonymous monetization. For some reason, this didn't happen, and Peace_of_Mind decided to make the best of the situation by asking for 3 bitcoins (about $1,850) for a few fake login credentials.

After the initial plans failed, the real hackers apparently decided to sell the data themselves in privately negotiated deals, InfoArmor said. The experts suspect that the hackers (who are supposedly Eastern Europeans) have sold the login credentials to at least three parties, including one state-sponsored bad actor.

Even before InfoArmor's report, security professionals were having a hard time embracing Yahoo's claim that the attack was funded by a foreign government. Having seen the findings, they are now criticizing the mail provider heavily for trying to cover up the dismal state of its security by blaming the hack on state-sponsored threat actors.

Yahoo's reputation is in tatters at the moment, and its refusal to comment on InfoArmor's report isn't really helping.