The Ubuntu Forums website has been hacked. The hacker has not only defaced the site, but he has also accessed user data.
Over 1.8 million users are said to be affected by the security breach.
The worst part of it is that the passwords accessed by the attackers were hashed using the outdated MD5 algorithm.
“We have confirmed the attackers were able to access all user email addresses and hashed passwords on the Forums site. While the passwords were not stored in plain text, good practice dictates that users should assume the passwords have been accessed and change them,” Canonical’s Jane Silber explained in a blog post.
Silber has told Ars Technica that the MD5 hashing algorithm and cryptographic salt have been utilized to protect the passwords. However, as most experts will tell you, cracking MD5 hashes is easy, despite the fact that the salt might slow down the process.
Canonical still hasn’t released any details as to how the cybercriminals gained access to the website.
As far as the attacker is concerned, the defacement page referenced the Twitter account “@Sputn1k_” (suspended).
Avira Security Expert and Product Manager Sorin Mustaca says that the breach is serious, even if there’s no financial information involved.
“Leaving aside the fact the PR impact on the companies, such a hack, even if no credit card got stolen, means a lot of work for the affected ‘accounts’,” the expert told Softpedia.
“Often it is forgotten that behind each ‘account’ is a real person. These persons now have to change not only the password on the affected website but, most probably in many other accounts that were using the same combination email address and password,” he added.
“In case of Ubuntu, the forums that are now offline were the most important source of information for the users. Without this available, users have now to spend considerably more time to search for answers and solutions to their issues, because there are plenty of resources available in the Internet, but none as used and as reliable as the official forums.”