The biggest hacks of 2016 – A year in hacking

The biggest hacks of 2016 – A year in hacking

Share on social media

In case you didn’t know, in amongst the celebrity deaths, and the unraveling of the NWO bandwagon, 2016 was also a bumper year for hackers. Some of the biggest and most audacious hacks in history took place in 2016, including the hacking of the US elections, and the Mirai botnet DDOS attack, which took down some of the biggest sites on the internet including Amazon, Facebook and Twitter.

There have been the largest hacks of personal information in history. Also in 2016. Names such as Yahoo, with billions of accounts compromised.

So here’s my little run-down.

2016 – A year in hacking.

Adultfriendfinder hack

5) Adultfriendfinder hack – November 14th, 2016

Friend Finder Network Inc is a company that operates a wide range of 18+ services and was hacked in November of 2016 for over 400 million accounts representing 20 years of customer data.

A list of sites verified and how many affected accounts and a brief description:

  • Adultfriendfinder.com
    339,774,493 users
    “World’s largest sex & swinger community”
  • Cams.com
    62,668,630 users
    “Where adults meet models for sex chat live through webcams”
  • Penthouse.com
    7,176,877 users
    Adult magazine akin to Playboy
  • Stripshow.com
    1,423,192 users
    Another 18+ webcam site
  • iCams.com
    1,135,731 users
    “Free Live Sex Cams”
  • Unknown domain
    35,372 users

Total: 412,214,295 affected users

Most of the passwords hacked from the Friendfinder network were stored either as plain text, or lightly encrypted, (in the SHA1 protocol).

Once the accounts were modified and the encrypted passwords hacked, they were made available for sale on the Darkweb.

Here’s a list of the passwords most commonly used:-

Rank Password Frequency
1 123456 900,420
2 12345 635,995
3 123456789 585,150
4 12345678 145,867
5 1234567890 133,414
6 1234567 112,956
7 password 101,046
8 qwerty 86,050
9 qwertyuiop 43,755
10 987654321 40,627
11 123123 39,614
12 111111 38,848
13 pussy 37,938
14 fuckme 36,008
15 asdfghjkl 35,021
16 000000 34,631
17 fuckyou 34,498
18 abc123 34,080
19 00000 33,796
20 11111 33,263
21 55555 31,524
22 54321 31,278
23 123452 30,111
24 654321 29,624
25 pwd1234 28,061
26 zxcvbnm 27,237
27 iloveyou 24,155
28 qwert 22,499
29 666666 21,629
30 asdfg 20,696
31 0123456789 20,485
32 azerty 19,700
33 0987654321 19,641
34 france 19,559
35 abcd1234 19,056
36 password1 18,677
37 fffff 18,461
38 112233 18,152
39 696969 18,150
40 123321 17,703
41 121212 17,302
42 asdfgh 16,400
43 football 16,080
44 12345678910 16,054
45 abcde 15,789
46 qwerty123 15,286
47 1qaz2wsx 14,885
48 123123123 14,691
49 pakistan 14,173
50 aaaaa 13,543

Source: Leaked source.


Yahoo user accounts hacked4) Yahoo hacks – A case of false cookies – 2014 to 2016

Allegedly spanning back to 2014, Yahoo has been leaking information to what it called ‘state sponsored hacking’. The most serious breach occurred in December 2016, when it emerged that up to 1billion accounts had been exposed to a breach in security.

Previously that year, all users had been asked to change and update their security passwords following a widely publicised hack.

Turns out Yahoo was being hacked all along. Right back to 2014. (source)

Forged cookies

What the hackers where doing was creating ‘forged’ cookies.

A cookie sits on the users machine and allows him to look at his own email account, change settings, and have general access to the account without having to enter any details…

What these so called, ‘state sponsored’ cyber-criminals through malicious script on website landing pages, was read and duplicate the authentic cookies from Yahoo, and create duplicates.

These duplicates were then processed into a format to give access to multiple accounts simultaneously.

The information beached included names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or un-encrypted security questions and answers.

Payment card data and bank account information were not stored in the system believed to be affected.


Tesco bank hacked3) Tesco bank – Daylight robbery – November 7th, 2016

This is the first instance of a bank having actual live accounts compromised on a large scale.

 ‘The most serious cyber-attack launched against a UK bank’

Tesco Bank manages around 136,000 current accounts, this hack involved the theft of £2.5m from 9,000 customers’ accounts.

Tesco reimbursed the customers.

It represents a landmark hacking in that:

  1. A successful breach of a financial institutions security: Previously, customers had been placed at risk through their own activity, or mis-activity, through phishing sites, fake emails or online scams.
  2. The size of the attack: Over 9,000 customers.

Most customers had around £600 stolen, although one reported a sum of £2,400 removed from their bank during the incident.

More here.


Marai botnet internet attack2) Miria botnet DDoS attack – October 21st, 2016

Although the previous attacks claim ‘state sponsored’ knowhow behind the attacks, this, what is know as the ‘Maria botnet’ DDOS or brute force attack was a first both in terms of scale and methodology.

DDOS are common in the world of internet. The idea is simple; spam a site with so many requests that the servers overheat and stop serving up the traffic.

The solution has been mostly the use of CDN’s or content distribution networks’s. These create a ‘cache’ of content live on the cloud, taking the content of websites away from individual servers, and distributing it among a worldwide network of servers, each serving content to it’s locality.

Once a webpage has been accessed once, that content is moved from the host servers to the cloud servers, and from then on, any repeat requests are dealt with from there.

Miria botnet was a denial of service attack. Unlike previous denial of service attacks, it didn’t use PC or mobile web requests but requests from web-enabled devices. We’re talking routers, DVRs, CCTV cameras, and any other ‘smart’, internet-connected appliances, baby cameras etc.

These items are now collectively know as the Internet Of Things (IOT).

DYN

DYN provides the mapping for Domain Name Servers, that is: it addresses the requests you type into your browser and serves them up converting them from a raw ip, to a recognisable, alphabetical domain name.

According to Dyn, a distributed denial-of-service (DDoS) attack began at 7:00 a.m. (EDT) and was resolved by 9:20 a.m. A second attack was reported at 11:52 a.m. and Internet users began reporting difficulties accessing websites. A third attack began in the afternoon, after 4:00 p.m. At 6:11 p.m., Dyn reported that they had resolved the issue.

Affected websites:-

  • Airbnb
  • Amazon.com
  • Ancestry.com
  • The A.V. Club
  • BBC
  • The Boston Globe
  • Box
  • Business Insider
  • CNN
  • Comcast
  • CrunchBase
  • DirecTV
  • The Elder Scrolls Online
  • Electronic Arts
  • Etsy
  • FiveThirtyEight
  • Fox News
  • The Guardian
  • GitHub
  • Grubhub
  • HBO
  • Heroku
  • HostGator
  • iHeartRadio
  • Imgur
  • Indiegogo
  • Mashable
  • National Hockey League
  • Netflix
  • The New York Times
  • Overstock.com
  • PayPal
  • Pinterest
  • Pixlr
  • PlayStation Network
  • Qualtrics
  • Quora
  • Reddit
  • Roblox
  • Ruby Lane
  • RuneScape
  • SaneBox
  • Seamless
  • Second Life
  • Shopify
  • Slack
  • SoundCloud
  • Squarespace
  • Spotify
  • Starbucks
  • Storify
  • Swedish Civil Contingencies Agency
  • Swedish Government
  • Tumblr
  • Twilio
  • Twitter
  • Verizon Communications
  • Visa
  • Vox Media
  • Walgreens
  • The Wall Street Journal
  • Wikia
  • Wired
  • Wix.com
  • WWE Network
  • Xbox Live
  • Yammer
  • Yelp
  • Zillow

Not a large outage, but a significant disruption. Dyn stated that they were receiving malicious requests from tens of millions of IP addresses totaling 1.2Tbps at it’s peak.

Following the attacks, the code behind botnet was released on Hackforums by a user called Annie-senpai.

The Marai virus continues to grow and mutate, and has made one further, smaller appearance later this year.

No doubt it will be back.


1) Hacking of the US elections – November 2016

Following the election of Donald Trump, it emerged that undue influence in the form of leaked emails provided Trump with the apparatus to bring claims against his competitor which were both true, and supported by admissible evidence.

The fact that this evidence had been unearthed by a group of hackers from a foreign and hostile power, means in essence, the US election had been hacked.

Cozy Bear and Fancy Bear

Intelligence reports an appointed independent group concluded that the attacks had been carried out by two separate, state sponsored Soviet hacking groups; one called Cozy Bear, one called Fancy Bear.

Post-election information led to “a high level of confidence” that Putin “personally directed” the operation.

To read more about Cozy Bear and Fancy Bear.

Donald Trump, the incumbent, continues to refuse to acknowledge the significance of the hack, which involved intercepting the emails of Ms Hillary Clinton, who was using an illegal server with which to conduct White House business of a sensitive nature.
This included a dirty tricks campaign to remove her running partner Bernie Saunders from the race, the details of which were all corroborated by emails and data stored on the illegal server.

The information was then passed to a popular wiki website, where it was published and subsequently to the FBI, where it was investigated.

Both the owner of the popular website and the incumbent US president, deny the emails originated from Russia, or Russian intelligence.


Thankyou goodbye

So there’s the list.

If you thought 2016 was the year of anti-establishment ‘populism’ and dead celebrities, you were wrong.

The list just proves…..

2016 was the year of the hack……

One thought on “The biggest hacks of 2016 – A year in hacking

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.