Results 1 to 7 of 7

Thread: Germans hacked

  1. #1
    Join Date
    Mar 2011
    Posts
    328

    Default Germans hacked

    http://www.bbc.co.uk/news/technology-25825784 This maybe old news but it's the first I have heard of it. Does anyone have more info on this? I will assume a Windows exploit because there isn't a way in hell there are that many Linux users in Germany.

  2. #2
    Join Date
    Jun 2007
    Location
    Albuquerque NM USA
    Posts
    347

    Default

    I thought the Munich(?) Muni Government went all Linux a few years ago. Whoever it was did a good job of making the transition work and were quite positive of the outcome.

  3. #3
    Join Date
    Jul 2009
    Location
    Germany
    Posts
    486

    Default

    I'm pretty sure it's windows malware. They haven't shared much details but they think that about 8million users got their email account data stolen [1]. With about 80million people in germany this is about 10% which would be way to much for linux users.
    They also say that these accounts were collected over years so there's a chance that some data is outdated.

    [1] http://www.heise.de/newsticker/meldu...u-2093423.html

  4. #4
    Join Date
    Jan 2013
    Posts
    978

    Default

    Quote Originally Posted by droste View Post
    I'm pretty sure it's windows malware. They haven't shared much details but they think that about 8million users got their email account data stolen [1]. With about 80million people in germany this is about 10% which would be way to much for linux users.
    They also say that these accounts were collected over years so there's a chance that some data is outdated.

    [1] http://www.heise.de/newsticker/meldu...u-2093423.html
    This is nothing, but BSI spreading FUD and harvesting emails+IP connections.
    If email DB with md5+salt/whatever would be stolen, then it would be just one provider as they all have own DBs.
    Unless they periodically send their DBs together, say to BSI, which makes no sense.

  5. #5
    Join Date
    Jul 2009
    Location
    Germany
    Posts
    486

    Default

    Quote Originally Posted by brosis View Post
    This is nothing, but BSI spreading FUD and harvesting emails+IP connections.
    If email DB with md5+salt/whatever would be stolen, then it would be just one provider as they all have own DBs.
    Unless they periodically send their DBs together, say to BSI, which makes no sense.
    I fail to see the advantage of having the connection to an email address and the current IP the user has (the IP for that user changes at least 1 time every 24h for most of the users in germany).
    It would be way easier to monitor the network traffic to have this connection.
    Also in an update they said it's actually email+password combinations for different services (with passwords in cleartext).

  6. #6
    Join Date
    Jan 2013
    Posts
    978

    Default

    Quote Originally Posted by droste View Post
    I fail to see the advantage of having the connection to an email address and the current IP the user has (the IP for that user changes at least 1 time every 24h for most of the users in germany).
    It would be way easier to monitor the network traffic to have this connection.
    Also in an update they said it's actually email+password combinations for different services (with passwords in cleartext).
    For first part of your message, you never know. Perhaps collection is a requirement for some operation they currently have.
    For second part, if its not BSI datamining, then its a usual windows garbage. Worms that steal Fx passwords, grep text and registry for emails and contacts are known since forever. Anyone using secure OS is safe, and its per-user not per-company case, so no ground to claim Germany is hacked
    Anyone using windows has consciously agreed upon being pwned.

  7. #7
    Join Date
    Jan 2014
    Location
    india
    Posts
    2

    Default

    Thanks for share this post.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •