Posted Monday 15th October 2007 18:31 GMT
Given that the name of the host where the passwords were posted ends in -chan, and that the url path contained the substring '/b/', shouldn't the real headline be "World reels in amazement as not all /b/-tards turn out to be completely full of shit"?
Posted Monday 15th October 2007 18:35 GMT
All the banks here provide a list of single use key-value pairs (won't ask the same pair more than once). So when you log in, you must provide a right value matching a given key. Never mind if a script kiddie got your HoTMaiL password..
Posted Monday 15th October 2007 23:21 GMT
How often does this exact thing happen, but the criminals don't advertise?
---
I am also confused as to the criminals motivation.
A "white-hat" would do the deed to draw attention to security problems, but not post the hashes and passwords.
If there was a profit motive, I imagine you would probably want to quietly exploit the information without anyone knowing.
I am guessing then that the motive is either bragging rights or revenge?
Only how do you enjoy either if you can't tell anyone?
Posted Tuesday 16th October 2007 07:13 GMT
Amount Password cumulative %
214 salasana 1.18 (salasana=password in Finnish)
176 123456 2.16
118 perkele 2.81 (Common 4-letter word)
85 12345 3.28
74 qwerty 3.69
The whole list telling the so far found passwords and the number of appearances is available at http://10.uraanikaivos.com/yleisyys.txt
Page is in Finnish, but the list is understandable. Currently 28% of the passwords have been decrypted.
Posted Tuesday 16th October 2007 17:54 GMT
Very clever.
A while back a Finnish banner ad for the Dr. Who TV series read "Who the f**k?". This was from the national broadcasting company. Very amusing.
For some reason the threshold for using rude words in a foreign language is low.
Back to the article