| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.DEB.2.21.1905020558570.1819@ip-172-30-0-239.ec2.internal> Date: Thu, 2 May 2019 05:59:10 +0000 (UTC) From: InfoSec News <alerts@...osecnews.org> To: isn@...ts.infosecnews.org Subject: [Newsletter/Marketing] [ISN] After account hacks, Twitch streamers take security into their own hands https://techcrunch.com/2019/04/30/twitch-account-hacks/ By Zack Whittaker TechCrunch April 30, 2019 Twitch has an account hacking problem. After the breach of popular browser game Town of Salem in January, some 7.8 million stolen passwords quickly became the weakest link not only for the game but gamers’ other accounts. The passwords were stored using a long-deprecated scrambling algorithm, making them easily cracked. It didn’t take long for security researcher and gamer Matthew Jakubowski to see the aftermath. In the weeks following, the main subreddit for Amazon-owned game streaming site Twitch -- of which Jakubowski is a moderator -- was flooded with complaints about account hijacks. One after the other, users said their accounts had been hacked. Many of the hijacked accounts had used their Town of Salem password for their Twitch account. Jakubowski blamed the attacks on automated account takeovers — bots that cycle through password lists stolen from breached sites, including Town of Salem. "Twitch knows it’s a problem -- but this has been going on for months and there’s no end in sight," Jakubowski told TechCrunch. [...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Powered by blists - more mailing lists