this is the price Rex Mundi asks for his list of 32.000 Belgian passwords and email addresses that he stole from easypay.be
in fact it is in bitcoins
and this is not new but more and more stolen datasets are being sold for small sums in bitcoins
well it would surprise me if he got 50.000 euro like he wanted from the firm, and if he wants that kind of money then he needs a lot of downloads, but those he will only get if he can prove that they still work
now, easypay has changed the passwords - well some people have said that they have received today (about two weeks late) a new password but it is not clear if they have been advised (two weeks late) to also change their passwords for all other services where they have used the same password or something that looks like it
and it is not clear if some security agency in Belgium has bought the list or got the list from easypay to warn all the owners of big networks that they have to block some people - instead of going through a total password reset for everybody
and even if that is the case, if you are a client of easypay then you had better change your passwords now if they are the same or look the same
because they use the certificate for the French subdomain for the Flemish subdomain
forgot to double check with ipgeo tools, which seem to differ: it is not Belgium, the hosting company is in Belgium but the hosting is in Spain
this makes everything much more difficult
it is a .be domain name but it is hosted in Spain, which makes it much more difficult to do forensic research there, and I am not sure what will happen now with the legality of it all, which law will be applicable under which circumstance and which law is better for the firm or for the victims
if you want to keep it simple, in future be sure that your data or that of your clients or users is in Belgium if you are a Belgian firm or work primarily with Belgians. This makes it much easier to work with Belgian justice and Belgian police and lawyers.
City: Madrid, 29 -
ISP: NAP de Las Americas-Madrid, S.A.
AS Number: AS23148 Terremark
Distance: 2252.09 km (1399.38 miles)
please ask all your people who have logged in there to change their passwords elsewhere
* if it is the same
* if it has the same letters, structure, logic
take a totally different password from anything else for your principal email address
you will always need your principal email address to contact services if things are compromised or have to be verified
all those firms and organisations also have to block all the accounts of their members who have logged in to easypay, to be sure that they don't use the same password. You can't wait until they say so or have done so, and you have the obligation as a good housefather and as a security person to protect your network and data, and as you now know that their passwords are on sale online you have to limit the risk by whatever means you have (and that means resetting all the passwords of those people using your extranet or external protected services) and in some critical infrastructure like belgocontrol and isabel even their internal passwords (because I suppose that you don't have the cheap but effective double authentication methods)
you can't know when the data will be sold and to whom
the costs of doing so you can eventually try to recuperate from easypay by filing a claim in court - there is enough evidence to do so - because they were really negligent
oh and if you are a bank or you use personal private data and so on - then not blocking all those passwords - makes you NEGLIGENT - and if something happens - YOU ARE IN COURT
some say I am paranoid.
I prefer to be a bit paranoid and not end up in court.
and so on and so on
1000 of the 32.000 are here
there are no passwords in this file
these are just some of the email addresses linked to the passwords
so 32.000 people will have to be alerted TODAY that if they have an account there they should change
* the same passwords
* passwords that look the same or have the same structure
for any service on the web that can be directly or indirectly linked to you even if they seem innocent at first
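The two rules above ("the same passwords" and "passwords that look the same or have the same structure"), also given earlier as "the same letters, structure, logic", can be enforced by a service at password-change time, when it briefly holds both the old and the new password in clear. This is an added example, not code from this blog or from easypay; the function names, the 0.8 threshold, the substitution table and all sample passwords are constructed assumptions.

```python
import re
from difflib import SequenceMatcher

# Common "leet" substitutions mapped back to letters (constructed, not exhaustive).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})

def core(pw):
    """Lowercase, drop leading/trailing digits and symbols, undo leet substitutions."""
    stripped = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", pw.lower())
    return (stripped or pw.lower()).translate(LEET)

def skeleton(pw):
    """Shape of the password: L=letter, D=digit, S=other, with repeats collapsed."""
    shape = "".join("L" if c.isalpha() else "D" if c.isdigit() else "S" for c in pw)
    return re.sub(r"(.)\1+", r"\1", shape)

def looks_like(old, new, threshold=0.8):
    """Return why `new` is a variant of the leaked `old`, or None if it is unrelated."""
    if old == new:
        return "identical"
    a, b = core(old), core(new)
    if a == b:
        return "same core word"
    if sorted(a) == sorted(b):
        return "same letters"
    if SequenceMatcher(None, a, b).ratio() >= threshold:
        return "near-identical"
    if skeleton(old) == skeleton(new):
        return "same structure"   # weakest signal: same recipe, different word
    return None

if __name__ == "__main__":
    leaked = "Zomer2014!"          # constructed sample, not from any real leak
    for candidate in ("Zomer2015!", "z0m3r#99", "remoz2014", "Zomers14",
                      "Winter2015!", "correct horse battery staple"):
        print(f"{candidate!r:32} -> {looks_like(leaked, candidate)}")
```

A reasonable policy is to reject the first four findings outright and to treat "same structure" as a warning, since many unrelated passwords share a word-plus-digits shape.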
skynetblogs has asked me to suppress the image with the proof
If you are a lawyer and you need this information for your court case against easypay, you can contact me.
yep, they have used everything they have got to destroy the data that was placed online this time
the hack and leak of Finaleasecarcredit.be is important because it is another example of something that I have been running around with for the last year but to no avail
when rex mundi hacked some online credit companies - including some big ones - I asked the national bank, which has some stringent IT security rules on paper and a very small department to go through them with the banks (but hey it is better than nothing), why these - even big - online credit companies didn't have to respect the same basic rules banks have to comply with (encryption for example in this case)
well, it seemed that the national bank of belgium was not responsible because when they made a list of the financial institutions for which the national bank of belgium was responsible, the firms that were only online were explicitly excluded from the supervision of the national bank (not only IT security but also having enough money and other normal financial rules for normal financial institutions)
but they said, well, maybe the Minister of Economy can be held responsible if he wants to act as the protector of consumer rights, so I went to the cabinet and the Administration of the Economy - consumer affairs and there we had some discussions but it seemed that their legal advisors didn't really find something they could use immediately and without discussion because there was no law or rule that gave them that power and they would have to try it using some interpretations of some global powers but that was a bit too risky
so there it went
nobody in Belgium is responsible for any online credit or loan company or insurance company if it doesn't exist online or has set up a separate online affiliate
now one of the biggest is hacked - after another big one last year and NOBODY is RESPONSIBLE
because everybody is explicitly excluded (National Bank of Belgium) or not explicitly appointed (Minister for Consumer Affairs)
the only thing that can happen is that the Privacy Commission takes up this case
the site itself doesn't inform its users that it has been hacked and there is also no mention of any upgrading or technical maintenance over the weekend
they probably think that as long as the normal big media doesn't report it, that nothing has happened
except for this small little stupid blogger over here ......
Rex Mundi says that it is one of their hacks
so which data is possibly hacked, leaked and published on the internet ?
as it is by SQL injection we have to look at the forms
well, on their simulator, this is all the information they are asking (just part of it, it just goes on and on)
and it goes on and on and on and on
but we couldn't tell you more about the security of the encryption because somehow it was not configured to be able to be analyzed by security tools
and in fact the reason is simple
there is NO SSL encryption, there is probably no encryption at all, it is ALL in clear text
so if some of these forms and databases get hacked, then all this data is being given in CLEAR TEXT
it is the real data from this report https://targetedthreats.net/
but the real listings are to be found here https://github.com/citizenlab/malware-indicators
it was only not interested in doing so
this was the situation in 2008 but it should be otherwise today
this was in 2008 and the contract was for 6 years
we are not saying that Belgacom is responsible because it could be another stupid thing - coming coming
but interesting to know because these things happen more often when firms change providers or technology
DDOS attacks today are so enormous that if you don't have contracts with your hoster and your ISP to displace your servers, a communication strategy and the essential appliances or contracts with the ISPs to stop (part of) those attacks, you will just be overwhelmed and dead in the water
and yes you can say that these DDOS attacks are nowadays 1 GBPS instead of the 20 or 100 MBPS they were before (and what could be handled)
but now DDOS attacks need a clear strategy - before they take place
and what shows the importance is that after the DDOS attack the login process of the WOW servers was a mess and needed an enormous lot of work from the firm and its service providers, increasing yet again the already enormous cost of stopping this
the only way to stop this is an international anti DDOS war room that can contact all the major routers and hosts once those attacks are under way and coordinate a FAST response (cut off) to limit already the biggest overwhelming volume and to keep the infrastructure and the security tools online to work through the other connections that have to be cleaned
"Microsoft has patched a critical flaw in Windows that has existed in every version since the introduction of Windows 95 more than 19 years ago. IBM security researchers discovered the flaw earlier this year and notified the software giant privately in May. The rare bug allows attackers to remotely execute code on an affected system just by convincing Windows users to visit a URL in Internet Explorer. IBM says the exploit can be triggered on Internet Explorer 3.0 onwards, and every currently supported version of Windows is affected.
"This vulnerability has been sitting in plain sight for a long time despite many other bugs being discovered and patched in the same Windows library," says IBM researcher Robert Freeman. While Microsoft is providing patches for Windows 8.1, Windows 7, Windows Vista, and its various server releases, the company stopped supporting Windows XP earlier this year so consumers will not be protected if attackers attempt to exploit the bug. There’s no evidence this bug is being exploited in the wild yet, but it has been rated 9.3 out of 10 on the Common Vulnerability Scoring System (CVSS) so it’s well worth patching through Windows Update if you haven’t already. http://www.theverge.com/2014/11/12/7202801/microsoft-patc...
advice : change to Firefox and don't use Internet Explorer for the internet if you are still on those systems and you can lock down your Firefox so it is as protected as the latest version of Internet Explorer
advice : if you are somewhat commercial then you should really change those systems - just to make sure that you are not responsible for any data loss you may have when you are attacked
advice : install some free firewall (zone-alarm), antivirus (avast), antispyware (search and destroy) and so on
Obama to the wife of the Chinese leader "I know it was not one of our postmen you had an affair with when you visited the states lately, so please ask your husband to stop hacking us to find out who it was and give back the information about our postmen"
her husband saying to Putin
I did as you have said, I have taken all that data about all their postmen and I will find the man who was according to his workfiles at our holiday resort while I was in conference - she thinks I can't prove it but I will
Putin is saying nothing because he already knows who it is, he has it all on film made by his spies and said he wanted to sell it to the Chinese leader but he thought that the price was too high and for that price he could try to find it for himself whatever the means
Obama is telling the Chinese wife that he knows the KGB knows because the CIA was filming the KGB filming the Chinese and he knows that even the Chinese know that the CIA knows that the KGB knows because they were filming the KGB and the CIA (but they forgot to film the Chinese wife so they don't know who she met during one hour while her husband was away). The problem is that Obama is under wife and daughter surveillance all the time and Putin is having athletic erotic exercises with his new lover every day so he has hardly any energy left afterwards. So they don't have any dirty stuff yet to blackmail back - even an operation on the computers of the White House just before this meeting didn't turn up anything that could be used.
the other guest in the row doesn't know how not to start laughing out loud (LOL)
"All United States Postal Service (USPS) employees’ personal data—including names, addresses, social security numbers—has been exposed as the result of a hack believed to have originated from China. According to its own tally, USPS employs over 600,000 people.
they were at first sight only out for the quick buck, not ready to invest in real safe infrastructure - just like most of the rest of the bitcoin world with their totally unsafe codes that are being broken faster than they are corrected
and they were really farming in a farm house on farm land (not joking)
they don't have the same rules and controls as the rest of the financial industry even if they have become a real financial (black) industry
because this doesn't look like a real datacenter - more like a cannabis plant :)
and this is the result of their non-investment