Category Archives: Hacker

Verified Twitter Accounts were Hacked for a Crypto Scam



Those who looked at Twitter earlier today may have noticed some very unusual tweets from accounts that have a blue checkmark. TechCrunch reported that these high-profile accounts were simultaneously hacked and used to spread a cryptocurrency scam.

According to TechCrunch, the hackers started by targeting cryptocurrency-focused accounts like @bitcoin, @ripple, @coindesk, @coinbase, and @binance. It is possible that those who follow those accounts might not understand that this was a scam.

The first hacked tweet I saw was from the Joe Biden verified account. Someone took a screenshot of what appeared to be Joe Biden tweeting “I am giving back to the community. All Bitcoin sent to the address below will be sent back doubled! If you send $1,000, I will send back $2,000. Only doing this for 30 minutes”. The tweet included a bitcoin address. (The screenshot was posted on social media that was not Twitter.)

I was immediately suspicious. Joe Biden doesn’t seem to me to be the kind of person who would tweet about Bitcoin. And now, we know that it certainly wasn’t him who posted that tweet.

Apple’s verified Twitter account also had a post about doubling the cryptocurrency sent to it. This, too, is extremely suspicious. Apple has never posted a tweet. Why would anyone believe that the first tweet Apple chose to post was about doubling your cryptocurrency? People who saw these tweets should have realized that something was wrong.

That said, some of the verified accounts that got hacked were ones that might sound convincing. For example, Elon Musk’s Twitter account was hacked. He has been known to post unexpected things on Twitter (such as his opinion on the stock price of Tesla). Kanye West, who recently decided to run for president, also seems like someone who just might decide to double people’s cryptocurrency on a whim.

The @Wendy’s account also got hacked. Would Wendy’s decide to “give back” to the community with cryptocurrency? Considering how snarky the Wendy’s account tends to be, some people might think the tweet was real.

The takeaway from this situation is that you should not believe everything you see on social media. It also makes it abundantly clear that social media is not as secure as you might think (or hope) it is.


Marriott Says 5 Million Passport Numbers Were Not Encrypted



As you may remember, Marriott International confirmed in November of 2018 that its hotel guest database of about 500 million customers was stolen in a data breach. The breach was related to reservations at Marriott’s Starwood properties.

Since then, some new information about the data breach has been revealed.

The New York Times reported today that Marriott International conceded that its Starwood hotel unit did not encrypt the passport numbers for roughly five million guests. The New York Times also reported:

On Friday the firm said that teams of forensic and data analysts had identified “approximately 383 million records as the upper limit” for the total number of guest reservations lost, though the company still says it has no idea who carried out the attack, and suggested the figure would decline over time as more duplicate records are identified.

The New York Times pointed to some of its previous reporting from December of 2018, when it reported “that the attack was part of a Chinese intelligence gathering effort that, reaching back to 2014, also hacked American health insurers and the Office of Personnel Management, which keeps security clearance files on millions of Americans.”

Gizmodo reported that Marriott International said that a small number of payment cards – “fewer than 2,000” – may have been stored separately and in an unencrypted format.


Quora had a Data Breach Affecting 100 Million Users



Quora is a website where people go to get an answer to whatever random question is on their minds. Now, it appears that Quora users are going to be seeking some incredibly significant answers from the website. Quora has had a data breach that affected about 100 million users.

Quora acknowledged this data breach on The Quora Blog. The data breach was discovered on November 30, 2018. Quora says they discovered that some user data was compromised by a third party who gained unauthorized access to one of their systems. Overall, the turnaround time between discovering the data breach and telling users about it was reasonably fast.

Quora says the investigation is still ongoing, and has apologized for any concern or inconvenience this may cause. For approximately 100 million Quora users, the following information may have been compromised:

  • Account information, e.g. name, email address, encrypted (hashed) password, data imported from linked networks when authorized by users
  • Public content and actions, e.g. questions, answers, comments, upvotes
  • Non-public content and actions, e.g. answer requests, downvotes, direct messages (note that a low percentage of Quora users have sent or received such messages.)

Interestingly, Quora says that questions and answers that were written anonymously are not affected by this breach because they do not store the identities of people who post anonymous content.

How will you know if this data breach affected you? Quora is in the process of notifying users whose data has been compromised. If you were affected, Quora will update you with relevant details in an email.

In addition, Quora is logging out all Quora users who may have been affected by the data breach. Quora will invalidate the passwords of those who used a password as their identification. They recommend you change your passwords.

One thing to pay attention to is that this breach affected “data imported from linked networks when authorized by users”. You might want to change passwords on whatever networks you connected to Quora before the data breach.


Marriott Data Breach Involved 500 Million Starwood Guest Records



Marriott confirmed that its hotel guest database of about 500 million customers was stolen in a data breach.

Those who have concerns that their data may have been stolen may want to read the announcement that Marriott posted on their website. It includes a list of things Marriott is doing in response to the data breach.

Marriott says that on November 19, 2018, their investigation determined that there was unauthorized access to their guest reservation database, which contained guest information relating to reservations at Starwood properties on or before September 10, 2018. Marriott learned during the investigation that there had been unauthorized access to the Starwood network since 2014.

Starwood brands include: W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotel, and Starwood branded timeshare properties.

Marriott believes that the data breach contained information on up to approximately 500 million guests who made a reservation at a Starwood property.

For approximately 327 million of these guests, the information taken includes some combination of: name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.

TechCrunch reported that Marriott said an unknown number of records contained encrypted credit card data, but that it has “not been able to rule out” that the components needed to decrypt the data were also taken.

This is a mess! I wouldn’t be surprised if people avoided staying at Starwood brands, or Marriott brands, in the future. Once a company has a data breach of customers’ important information, it becomes extremely difficult to regain the trust of people whose information had been stolen. I also find it troubling that it took four years between when the data breach started and when Marriott found out about it.


Sennheiser Discloses Vulnerability for PCs and Macs



Sennheiser has disclosed that a vulnerability has been identified in Sennheiser HeadSetup and HeadSetup Pro. It recommends that both PC and Mac users update their software to the latest versions (which have now been made available).

The latest software versions are:
HeadSetup Pro: v.2.6.8235
HeadSetup: v.8.1.6114 (for PC) and HeadSetup: v.5.3.7.011 (for Mac)

Users can access the updates from the Sennheiser website. In addition, Mac users and Windows users who are unable to receive automatic updates from Microsoft, or who choose not to update their HeadSetup and HeadSetup Pro software, can visit the Sennheiser website for removal instructions.

Updating the software to its latest version will rid the software of vulnerable certificates. Additionally, the invalidation by Windows on November 27th of the former certificates fully eliminates the possibility of exploiting the certificates.

What happened? Ars Technica has a detailed explanation. In short, Ars Technica says that Sennheiser has issued a fix for a “monumental software blunder” that allowed hackers to carry out man-in-the-middle attacks that “cryptographically impersonate any big-name website on the internet.”

This vulnerability was apparently discovered by Secorvo security consulting, who published a report about it. Ars Technica reported that anyone who has ever used the app should ensure that the root certificates it installed are removed or blocked.

It is kind of a weird scenario. Sennheiser’s headphone software was designed to let users connect their headphones to other devices. Hackers exploited the headphone software to forge certificates and impersonate websites.


Clap for Kano’s Camera Kit at CES 2018



Kano’s mission is to encourage people, particularly children, to see computers not as unchangeable appliances but as tools to be made, shaped, coded and shared. Their kits plug together bits, boards, buttons and cables to make individual and personalised computers. Bruno gives Todd a hand to develop a selfie camera from their new Camera Kit.

Kano’s approach is to challenge each young developer into programming simple apps that achieve technical goals. Using Kano’s development tools it’s really easy to build programs as the tools come with code building blocks for things like taking a picture or responding to noise via a microphone. Consequently, even Todd can code an app to take a picture when someone claps.

The Camera Kit’s not expected until next year but you can sign up to hear the latest news. Expect the price to be around US$99.

Todd Cochrane is the host of the twice-weekly Geek News Central Podcast at GeekNewsCentral.com.


DDoS Attacks Shut Down Online Gaming Servers



Was your favorite online video game difficult to access over the weekend? There is a reason for that. A group decided to use a DDoS attack against several of the big gaming companies’ servers. I’ve no idea what the motivation of this group was, and choose not to speculate as to what they may have been thinking. If you were on Twitter this weekend you may have seen a lot of confused and frustrated tweets from gamers who were just trying to have fun playing some online video games.

The group targeted Blizzard Entertainment’s servers. This caused difficulties for those trying to access Battle Net, World of Warcraft, Diablo III, Hearthstone and other Blizzard games. Riot Games’ League of Legends was attacked and so was Grinding Gear Games’ Path of Exile.

Blizzard was keeping people informed about the outage through their @BlizzardCS account on Twitter. They did not directly mention a DDoS attack, and instead tweeted things like “We’re investigating issues where players are unable to connect or log into their characters.” Updates about the situation were provided through that Twitter account.

Sony’s PlayStation Network (PSN) was attacked, too. The PlayStation Blog has a post that gives some details.

The original post started with: “Like other major networks around the world, the PlayStation Network and Sony Entertainment Network have been impacted by an attempt to overwhelm our network with artificially high traffic.” The blog was later updated to say: “The PlayStation Network and Sony Entertainment Network are back online and people can now enjoy the services on their PlayStation devices. The networks were taken offline due to a distributed denial of service attack.”

Grinding Gear Games sent out a Tweet on their @PathofExile Twitter account about it.

From what I saw via Twitter, it appeared that some of these gaming companies had their servers go down more than once. I am of the impression that stability has been restored to the affected servers now. Hopefully, that is the end of the problem.