Announcement

**rbmorse** · 21 January 2014, 11:19 PM

I thought the Munich(?) Muni Government went all Linux a few years ago. Whoever it was did a good job of making the transition work and were quite positive of the outcome.

**droste** · 22 January 2014, 03:10 PM

I'm pretty sure it's windows malware. They haven't shared much details but they think that about 8million users got their email account data stolen [1]. With about 80million people in germany this is about 10% which would be way to much for linux users.
They also say that these accounts were collected over years so there's a chance that some data is outdated.

[1] http://www.heise.de/newsticker/meldu...u-2093423.html

**brosis** · 22 January 2014, 03:20 PM

Originally posted by droste View Post

I'm pretty sure it's windows malware. They haven't shared much details but they think that about 8million users got their email account data stolen [1]. With about 80million people in germany this is about 10% which would be way to much for linux users.
They also say that these accounts were collected over years so there's a chance that some data is outdated.

[1] http://www.heise.de/newsticker/meldu...u-2093423.html

This is nothing, but BSI spreading FUD and harvesting emails+IP connections.
If email DB with md5+salt/whatever would be stolen, then it would be just one provider as they all have own DBs.
Unless they periodically send their DBs together, say to BSI, which makes no sense.

**droste** · 22 January 2014, 03:58 PM

Originally posted by brosis View Post

This is nothing, but BSI spreading FUD and harvesting emails+IP connections.
If email DB with md5+salt/whatever would be stolen, then it would be just one provider as they all have own DBs.
Unless they periodically send their DBs together, say to BSI, which makes no sense.

I fail to see the advantage of having the connection to an email address and the current IP the user has (the IP for that user changes at least 1 time every 24h for most of the users in germany).
It would be way easier to monitor the network traffic to have this connection.
Also in an update they said it's actually email+password combinations for different services (with passwords in cleartext).

**brosis** · 22 January 2014, 04:04 PM

Originally posted by droste View Post

I fail to see the advantage of having the connection to an email address and the current IP the user has (the IP for that user changes at least 1 time every 24h for most of the users in germany).
It would be way easier to monitor the network traffic to have this connection.
Also in an update they said it's actually email+password combinations for different services (with passwords in cleartext).

For first part of your message, you never know. Perhaps collection is a requirement for some operation they currently have.
For second part, if its not BSI datamining, then its a usual windows garbage. Worms that steal Fx passwords, grep text and registry for emails and contacts are known since forever. Anyone using secure OS is safe, and its per-user not per-company case, so no ground to claim Germany is hacked

Anyone using windows has consciously agreed upon being pwned.

**revabhardwaj** · 29 January 2014, 03:33 AM

Thanks for share this post.

Announcement

Germans hacked

Germans hacked

Comment

Comment

Comment

Comment

Comment

Comment