After the site lefigaro.fr, it's time for Yahoo to let the coordinates of some of its members exposed in the public square.A group of hackers has posted the login and passwords of Yahoo accounts 453,000 they say they found a plain in the service of the California publisher. The group of hackers calling itself D33Ds shows have managed to penetrate one of the subdomains of Yahoo by using a technique called SQL injection. To do this, they introduced the control commands of databases in the input fields and research areas of the service and then were able to return to the servers and take control. As proof of their claims, hackers have posted 453,492 Yahoo accounts they say they have discovered unencrypted, 2700 tables of databases MySQL and 298 variables.
The leak comes from Yahoo Voice
Hackers match the publication of a note: "we hope that those responsible for the security of this subdomain will consider this as a wakeup call, not as a threat. There have been numerous security holes in Yahoo's servers that caused much more damage than what we published. Do not take this lightly. Subdomain and the vulnerable parameters have not been posted to prevent more damage. "
If the service name has not been unveiled by hackers, the blog TrustedSec think it could be the Yahoo Voice service. This hypothesis is based on the presence of the string in the dump dbb1.ac.bf1.yahoo.com posted, knowing that subdomain is linked to service Voice.
0 commentaires:
Enregistrer un commentaire