Whom I will trust as I will adders fanged,
They bear the mandate; they must sweep my way
And marshal me to knavery. Let it work,
For 'tis the sport to have the engineer
Hoist with his own petard; and 't shall go hard
But I will delve one yard below their mines
And blow them at the moon. O, 'tis most sweet
When in one line two crafts directly meet.
In a twist of the karmic pepper grinder that, while not a matter of life and death, positively dwarfs that of the melancholy Dane in terms of scale, the web forum OGUsers has been hacked, exposing the details and messages of some 113,000 users. The attack is thought to have occurred on May 12.
If, for some, there's a degree of schadenfreude to these events, it's because the forum is frequented by people who try to break into other people's online accounts, in particularly using SIM swap attacks which exploit weaknesses in two-factor authentication messages sent by SMS. Such attacks can allow access to email, social media accounts and online finances. According to Krebs on Security, access details to compromised accounts were sometimes resold on the forum for hundreds or even thousands of dollars.
"LMFAO"
The attack coincided with an apparent outage which the forum administrator explained had deleted months of private messages. It wasn't until May 16 that the full scale of what happened became clear, when the administrator of another forum, RaidForums, made this announcement:
"On the 12th of May 2019 the forum ogusers.com was breached 112,988 users were affected. I have uploaded the data from this database breach along with their website source files. Their hashing algorithm was the default salted MD5 which surprised me, anyway the website owner has acknowledged data corruption but not a breach so I guess I'm the first to tell you the truth. According to his statement he didn't have any recent backups so I guess I will provide one on this thread lmfao."
The details exposed include email addresses, hashed passwords, private messages and IP addresses. They have been uploaded in full on RaidForums and elsewhere online.
After the attack, OGUsers, um, users took to the forum to report phishing emails targeting their forum accounts. According to Krebs on Security, others took to the forum's Discord channel to complain of a change in behavior that now prevents users from deleting their accounts.
Former Washington Post reporter Brian Krebs, who writes Krebs on Security, speculates that the published data is likely to be of great interest to law enforcement organizations, and may lead to arrests. Hoist indeed.
Source: Krebs on Security
What can be done to solve Internet security problem?
Here are some ideas:
1) Switch all computer software to higher security programming languages! (Instead of using programming languages (like C/C++) in which all tiny bugs act as secret backdoors for hackers & ransomware & malware!)
2) Switch all OS software (like Windows & MacOS & Linux) to work similar to smartphone OS (like Android & iOS)! (Android & iOS work like interpreters that can easily catch any illegal code execution attempts!)
3) Increase severity of punishments for hackers & ransomware/malware writers!
4) Do not allow anonymous access to Internet!
IMHO, preventing anonymous access to Internet is the most important!
IMHO, hackers & ransomware/malware writers do not have much to fear from law enforcement, currently, because tracing back hacker/ransomware/malware attacks to their source is pretty much impossible! & that is because of allowing/enabling anonymous access to Internet!
What needs to be done:
As the first step: Globally ban VPN services (& Tor etc) which enable anonymous usage of Internet!
As the final step: Globally, make it mandatory, to access/login Internet, using (biometric) ID & password etc. & make sure (by global law), all Internet activities/actions/operations can be always traced back to its source computers & people!
"Internet clearly has a huge security problem, currently, caused by hackers & ransomware & malware! It is also clear (@ least to me) that, the problem is keep getting worse & worse!"
It is not getting worse. These problems are mostly due to MS writing bad code along with others doing things just as stupid. Hackers are just the people taking advantage of the stupidity. They are not the cause. Also most hackers are government employees, IE remote spies.
1) Switch all computer software to higher security programming languages! (Instead of using programming languages (like C/C++) in which all tiny bugs act as secret backdoors for hackers & ransomware & malware!)
This might really help but it is like suggesting that we the world stitch from English to Finnish.
2) Switch all OS software (like Windows & MacOS & Linux) to work similar to smartphone OS (like Android & iOS)! (Android & iOS work like interpreters that can easily catch any illegal code execution attempts!)
Now here we have the inside to this person's lack of knowledge (ignorance) about OS systems. Linux is VERY secure and even used by the NSA and CIA. Android is just wall paper over Linux (it IS linux).
3) Increase severity of punishments for hackers & ransomware/malware writers!
Yes, this will work. How do you pose to punish a hacker working out of China and attacking a US computer? The ONLY people this will work on are the voters and the kids that are too dumb to know better yet.
"4) Do not allow anonymous access to Internet!
IMHO, preventing anonymous access to Internet is the most important!
IMHO, hackers & ransomware/malware writers do not have much to fear from law enforcement, currently, because tracing back hacker/ransomware/malware attacks to their source is pretty much impossible! & that is because of allowing/enabling anonymous access to Internet!"
#4$ and here is the STINGER!!! Take away personal privacy. (after having scared you at the beginning of the post) This is a real boon for making money but it does not help make the internet safe. What it will do is make it easier for Cloud based companies to make more money and force you to use their products.
"What needs to be done:
As the first step: Globally ban VPN services (& Tor etc) which enable anonymous usage of Internet!"
This VPN is what gives you privacy on the internet and it also lets you watch/view other countries websites. For example I use VPN because I live in Germany but come from the US. You CAN'T view Netflix in english in Germany and you can't go to the US netflix site from Germany, thus VPN fakes that I am in the US thus I can pay with my US bank and watch my US Netflix. This upsets the advertisers and also the contracts of the film companies that don't want US films to be plaid in Germany.
If you don't want Google and FB to track you then you MUST use a VPN! Naturally they want to stop VPNs.
"As the final step: Globally, make it mandatory, to access/login Internet, using (biometric) ID & password etc. & make sure (by global law), all Internet activities/actions/operations can be always traced back to its source computers & people!"
The final press. Push for one world government, total stopping of privacy or privacy rights.
Don't let them do this to you! Fight for your rights to privacy. Learn to be secure online by learning how to use Linux and VPN.
PS none of these hackers would have a problem losing their info to this hack, if they had been using VPN and practicing safe internet surfing with privacy.