Hackers

How an Adult Website Hack Exposed 1.2 Million Wife Lovers


On October 18, 2018, a hacker compromised the database of the adult entertainment website Wife Lovers.

In this article, you will learn about the Wife Lovers hack and how you can protect yourself from this type of data leak.

The Wife Lovers Hack and Response

Wife Lovers’ site owner closed the site three days after receiving a notification that the site had been compromised.

A notice was immediately placed on the site warning users to change passwords on other sites, especially if they were identical to the passwords on the hacked site.

The site had been operating for 21 years until the hack. According to Robert Angelini, Wife Lovers and the seven sites had fewer than 107,000 people posting to the site frequently.

In an email responding to the hack, Angelini said:

“It doesn’t matter if we are talking about 29,312 passwords, 77,000 passwords, or 1.2 million or the actual number, which is probably in between. And as you can see, we are starting to encourage our users to change all the passwords everywhere.”

A notice on the website explained that the compromise was noticed when an “unnamed security researcher” exploited a vulnerability to download message board registration information.

The researcher informed Angelini that they were not going to publish the information but ended up doing so to identify the breached websites. A seemingly white hat hacker turned out to be a black hat hacker in disguise.

The hack was possible due to the DEScrypt algorithm used by the sites to encrypt user data. The encryption mechanism was extremely weak, according to hacking experts. 

DEScrypt was created in the 1970s and was adopted by the National Security Agency (NSA), which made some modifications to its version. The regular version makes it nearly impossible for users to use strong passwords.
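The following added example (not from the original article or from the site's code) shows how a defender can audit a credential table for legacy DEScrypt hashes and why long passwords gain nothing under that scheme. It assumes the well-known traditional DES crypt format (13 characters: 2 salt plus 11 hash, using only the first 8 password bytes at 7 bits each); the function names and sample rows are hypothetical and constructed for illustration.

```python
import re
from collections import Counter

# Traditional DES crypt: 2 salt chars + 11 hash chars from [./0-9A-Za-z].
DESCRYPT_RE = re.compile(r"^[./0-9A-Za-z]{13}$")

# Modular crypt prefixes -> (scheme name, acceptable for new deployments?)
PREFIXES = [
    ("$argon2", "argon2", True),
    ("$2a$", "bcrypt", True), ("$2b$", "bcrypt", True), ("$2y$", "bcrypt", True),
    ("$6$", "sha512crypt", True), ("$5$", "sha256crypt", True),
    ("$1$", "md5crypt", False),
]

def classify(stored):
    """Return (scheme, acceptable) for one stored password hash string."""
    for prefix, name, ok in PREFIXES:
        if stored.startswith(prefix):
            return name, ok
    if DESCRYPT_RE.match(stored):
        return "descrypt", False
    return "unknown", False

def descrypt_effective_input(password):
    """Bytes DES crypt actually uses: first 8 bytes, low 7 bits of each."""
    return bytes(b & 0x7F for b in password.encode("utf-8")[:8])

def audit(rows):
    """rows: iterable of (user, stored_hash). Returns (counts, users_to_rehash)."""
    counts, rehash = Counter(), []
    for user, stored in rows:
        scheme, ok = classify(stored)
        counts[scheme] += 1
        if not ok:
            rehash.append(user)  # re-hash with a modern scheme at next login
    return counts, rehash

# Constructed sample rows (format-shaped placeholders, not real hashes).
SAMPLE = [
    ("alice", "ab0123456789."),
    ("bob", "$2b$12$" + "A" * 53),
    ("carol", "$1$saltsalt$" + "B" * 22),
    ("dave", "$6$saltsalt$" + "C" * 86),
]

if __name__ == "__main__":
    counts, rehash = audit(SAMPLE)
    print(dict(counts), rehash)
    # Two different long passphrases collapse to the same 8-byte input.
    print(descrypt_effective_input("correct horse battery")
          == descrypt_effective_input("correct tortoise"))
```

Accounts flagged by `audit` cannot be converted offline; the usual migration is to re-hash with a modern scheme the next time the user logs in successfully.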

Security researcher Troy Hunt analyzed the hack. He tweeted the details.

It took password cracking expert Jens Steube seven minutes to decipher the given hash on Twitter.

The breach only affected free users of the site because the site stores details of paid users separately, according to a company statement.

What Could This Mean For Users?


Adult sites like Wife Lovers are prime targets for hackers due to what they can do with such information.

For instance, the 2015 hack of Ashley Madison led to several follow-up attacks. The breach made the intimate details of 36 million accounts public. The following weeks saw victims receiving emails threatening to inform their spouses and loved ones about their infidelity.

Although the Wife Lovers hack may not be as massive as the Ashley Madison hack, the consequences could be more damaging.

An examination of the exposed data by Ars Technica revealed the potential damage that it could cause. A web search of some private emails in the breach shows a connection with Amazon, Instagram, and other big sites. These connected accounts gave away the user’s real name, geographic location, information about family members, and other personal details.

With this information, bad actors can target victims and blackmail them. In some cases, hackers also use such details for identity theft. 

What Should I Do If I Ever Face This Situation?

To avoid this situation entirely, you should use different emails for non-essential platforms. Furthermore, to avoid panic during a site compromise, passwords should be different across sites to prevent a situation where a breach of a single account can lead to many more.

However, if you fall victim to such a hack, the best step to take is to update your passwords on all sites. Also, change your usernames on other sites if they are similar to the one on the hacked website.

The most important tip to follow while you surf the web is to avoid sites that have poor user data protection. If you don’t trust the website to protect your data, don’t give it to them.

Learn more ways to protect yourself online by reading our article on Top Privacy Tools To Protect Yourself Online.

Who Are the Shadow Brokers?


The Shadow Brokers are a mysterious group of hackers that stole sensitive data from the National Security Agency (NSA) in 2013 and dumped these secrets online.

Identity of the Shadow Brokers

The Shadow Brokers appeared in August 2016, when they leaked several hacking tools and computer exploits from the National Security Agency (NSA). The group released documents that were obtained from a server connected to the NSA. The U.S. reportedly owned, leased, and controlled the server. But it had no connection to the agency.

The group wrote in broken English on their blog posts. That suggested they might not have been from an English-speaking country. But security experts have dismissed that, saying the language hackers use could be an OpSec tactic.

According to one speculation, this group could be disgruntled NSA insiders. That is because of their strong familiarity with the National Security Agency’s Tailored Access Operations (TAO). That is similar to disgruntled insiders who became whistleblowers in recent years, like Edward Snowden, who worked as a government security contractor.

Another speculation is that the files came from Hal Martin. He’s an NSA contractor arrested in August 2017 for hoarding agency secrets in his house. It is possible that the Shadow Brokers received the records from Martin. However, in the public indictment against Martin, there was nothing that came up regarding selling secrets to a group. 

According to another speculation, a rival country orchestrated the hack against the U.S. But there’s also no proof for any of these claims.

Alleged Activities of the Shadow Brokers

The Shadow Brokers started by dumping bugs in many common firewall products. They followed up by releasing exploits for the Solaris operating system and more detailed information on Equation Group, a hacking group connected to the US National Security Agency.

In early 2017, after being active for months, the group released exploits for Windows systems. At that time, the materials put lots of computers in danger. Another group of anonymous hackers repurposed some of those materials. That enabled the spread of destructive ransomware known as WannaCry.

Other dumps included code names for cyber-weapons and prospective targets of hacking operations. Parts of the data indicated Equation Group had targeted several mobile service providers around the world.

However, the biggest dump from the Shadow Brokers featured Windows exploits like EternalBlue. It also had tools to access the Society for Worldwide Interbank Financial Telecommunication (SWIFT) messaging system. Added to that, the dumps contained a substantial amount of information about hacking operations. It included PowerPoint presentations, un-redacted metadata, and the names of Equation Group members. 

The group continued to dump more information in what most people saw as an attempt to gain attention. Some experts believe the Shadow Brokers became frustrated because the level of attention given did not meet the group’s expectations. Instead, they started monetizing their materials.

Financing & Funding

The Shadow Brokers introduced a monthly subscription service to sell the stolen information and cyber-weapons. They initially asked for one million bitcoin (around $600 million at the time). However, no one paid that amount. According to Wh1sks, they netted around $88,000 in Monero and a little over 10 BTC (worth around $35,000 at the time).

It is impossible to know exactly what the Shadow Brokers have been sending around but most speculate it is hacking tools and ransomware for evil hackers. These could include highly valuable exploits for Windows systems and other systems hacking tools.

What we know is that some of those materials the Shadow Brokers dumped had been used by other black hat hackers.

The WannaCry ransomware, for example, spread rapidly across a number of computer networks in May of 2017. It hit a number of high-profile systems, including many in Britain’s National Health Service.

Top 7 Most Notorious Hacker Groups in the World


Many of the largest hacks that have occurred were orchestrated not by individuals but by organized hacker groups.

In this article, we take a look at seven of the most notorious hacking groups in the world.

Anonymous

Anonymous has an extensive portfolio of victims from government institutions to multinational companies. It is a decentralized hacking group known most for its hacktivism and Guy Fawkes masks. 

At the top of its victim list is the Pentagon, the headquarters building of the United States Department of Defense. Most of the group’s attacks have been backed by a specific reason.

For instance, the group hacked Visa, MasterCard, and PayPal in 2012’s Operation Payback after they refused to process payments to WikiLeaks. What’s more, Anonymous also jumped into action during Occupy Wall Street by hacking the New York Stock Exchange website.

Lizard Squad

Lizard Squad is another notorious hacker group. This underground organization has claimed responsibility for two major attacks. The first and the biggest of them is their DDoS attack on Facebook, which put the social media network offline. The second was an attack on Malaysia Airlines.

Malaysia Airlines disputed the hack, stating it was a mere redirection of their domain. Another big hacking event involving them is the hack of Microsoft Xbox Live and Sony’s PlayStation Network in August 2014.

Authorities made arrests in England and the US after the Sony hack, which included the group placing the ISIS flag on Sony’s server. The Lizard Squad hacker group also claims they took the internet of North Korea down with a DDoS attack.

LulzSec

Lulz Security (LulzSec) came into existence as an Anonymous spinoff after the HBGary Federal hack of 2011. LulzSec has a motto that states “Laughing at your security since 2011.” This hacker group took the CIA site offline.

During its initial years, LulzSec also hacked Fox.com, then Sony Pictures. LulzSec is also known for taunting victims after an attack, as if it were a prank. A statement called the “50 Days of Lulz” announced the breakup of the group in June 2011. Nevertheless, the group returned with an attack on the News Corporation in July 2018.

In 2012, the FBI arrested LulzSec members after the group’s leader, Sabu, turned them in.

Chaos Computer Club (CCC)

Founded in Berlin during the early 1980s, Chaos Computer Club (CCC) is reportedly the largest hacker group in Europe. Chaos Computer Club mainly focuses on testing the security of platforms on the internet and identifying various flaws. 

The landmark of Chaos Computer Club operation was their hack of Hamburg Bank where they took 134,000 Deutsche Mark. They returned the money the next day.

Most importantly, this act made them a more welcomed hacking institution known for stress testing the security infrastructure of online platforms. Discussing the hack with OWNI, early CCC member Andy Müller-Maguhn stated: “We needed a lot of legal experts to advise us what we could or could not hack, and to help us distinguish between legal activities and grey areas of legality”. 

Other interesting exploits of the Chaos Computer Club hacker group include a protest against French nuclear tests, hacking finance apps on live TV via Microsoft’s ActiveX, exploiting the COMP128 encryption algorithm of a GSM customer card, and analyzing the German federal government’s malware.

Syrian Electronic Army

The Syrian Electronic Army is a hacking group that sympathizes with Syria and has shown support for the Syrian President Bashar al-Assad. The group targets organizations that have shown opposition to the state of Syria.

Attacks from the Syrian Electronic Army make use of spamming, defacement, malware, phishing, and distributed denial-of-service (DDoS) attacks. Oftentimes, the group leaves the Syrian flag on a victim’s website.

The group has targeted the Facebook and Twitter accounts of President Barack Obama and French President Nicolas Sarkozy, technology companies and news outlets. 

The Syrian Electronic Army has taken an ironic and jovial tone over the years. For instance, the notorious hacker group tweeted from BBC Weather: “Saudi weather station down due to head on-collision with camel”.

Tarh Andishan

According to Iran, the US and Israel created a virus called Stuxnet that jeopardized the country’s nuclear power ambitions. After this attack, the Tarh Andishan hacker group sprang up as a response.

The group includes up to 20 members mostly based in Tehran, Iran, according to recent estimates. One of its biggest operations was a series of attacks that gave the group access to airline gates and security systems in South Korea, Saudi Arabia, and Pakistan.

Iran’s Tarh Andishan uses self-propagating software, systems, backdoors, code injection, and other techniques.

Bureau 121

North Korea is a name you don’t hear often regarding developments on the internet. However, all of that changed after the famous Sony hack in November 2014.

Bureau 121 is a North Korea-based hacking group rumored to be run by their government. According to defectors, military hackers live extravagant lives in North Korea. The government also makes a conscious effort to handpick top students from the “University of Automation.”

The group also operated proxies around the world due to North Korea’s poor internet infrastructure. The attack on Sony in 2014 was a proxy attack. That particular hack cost Sony about $15 million.

Interested in watching how these hacker groups operate? Check out our list of Best Hacker Movies and Documentaries to learn more!
