The biggest hacks of 2016 – A year in hacking
In case you didn’t know, in amongst the celebrity deaths, and the unraveling of the NWO bandwagon, 2016 was also a bumper year for hackers. Some of the biggest and most audacious hacks in history took place in 2016, including the hacking of the US elections, and the Mirai botnet DDOS attack, which took down some of the biggest sites on the internet including Amazon, Facebook and Twitter.
There have been the largest hacks of personal information in history. Also in 2016. Names such as Yahoo, with billions of accounts compromised.
So here’s my little run-down.
2016 – A year in hacking.
5) Adultfriendfinder hack – November 14th, 2016
Friend Finder Network Inc is a company that operates a wide range of 18+ services and was hacked in November of 2016 for over 400 million accounts representing 20 years of customer data.
A list of sites verified and how many affected accounts and a brief description:
- Adultfriendfinder.com
339,774,493 users
“World’s largest sex & swinger community” - Cams.com
62,668,630 users
“Where adults meet models for sex chat live through webcams” - Penthouse.com
7,176,877 users
Adult magazine akin to Playboy - Stripshow.com
1,423,192 users
Another 18+ webcam site - iCams.com
1,135,731 users
“Free Live Sex Cams” - Unknown domain
35,372 users
Total: 412,214,295 affected users
Most of the passwords hacked from the Friendfinder network were stored either as plain text, or lightly encrypted, (in the SHA1 protocol).
Once the accounts were modified and the encrypted passwords hacked, they were made available for sale on the Darkweb.
Here’s a list of the passwords most commonly used:-
Rank | Password | Frequency |
1 | 123456 | 900,420 |
2 | 12345 | 635,995 |
3 | 123456789 | 585,150 |
4 | 12345678 | 145,867 |
5 | 1234567890 | 133,414 |
6 | 1234567 | 112,956 |
7 | password | 101,046 |
8 | qwerty | 86,050 |
9 | qwertyuiop | 43,755 |
10 | 987654321 | 40,627 |
11 | 123123 | 39,614 |
12 | 111111 | 38,848 |
13 | pussy | 37,938 |
14 | fuckme | 36,008 |
15 | asdfghjkl | 35,021 |
16 | 000000 | 34,631 |
17 | fuckyou | 34,498 |
18 | abc123 | 34,080 |
19 | 00000 | 33,796 |
20 | 11111 | 33,263 |
21 | 55555 | 31,524 |
22 | 54321 | 31,278 |
23 | 123452 | 30,111 |
24 | 654321 | 29,624 |
25 | pwd1234 | 28,061 |
26 | zxcvbnm | 27,237 |
27 | iloveyou | 24,155 |
28 | qwert | 22,499 |
29 | 666666 | 21,629 |
30 | asdfg | 20,696 |
31 | 0123456789 | 20,485 |
32 | azerty | 19,700 |
33 | 0987654321 | 19,641 |
34 | france | 19,559 |
35 | abcd1234 | 19,056 |
36 | password1 | 18,677 |
37 | fffff | 18,461 |
38 | 112233 | 18,152 |
39 | 696969 | 18,150 |
40 | 123321 | 17,703 |
41 | 121212 | 17,302 |
42 | asdfgh | 16,400 |
43 | football | 16,080 |
44 | 12345678910 | 16,054 |
45 | abcde | 15,789 |
46 | qwerty123 | 15,286 |
47 | 1qaz2wsx | 14,885 |
48 | 123123123 | 14,691 |
49 | pakistan | 14,173 |
50 | aaaaa | 13,543 |
Source: Leaked source.
4) Yahoo hacks – A case of false cookies – 2014 to 2016
Allegedly spanning back to 2014, Yahoo has been leaking information to what it called ‘state sponsored hacking’. The most serious breach occurred in December 2016, when it emerged that up to 1billion accounts had been exposed to a breach in security.
Previously that year, all users had been asked to change and update their security passwords following a widely publicised hack.
Turns out Yahoo was being hacked all along. Right back to 2014. (source)
Forged cookies
What the hackers where doing was creating ‘forged’ cookies.
A cookie sits on the users machine and allows him to look at his own email account, change settings, and have general access to the account without having to enter any details…
What these so called, ‘state sponsored’ cyber-criminals through malicious script on website landing pages, was read and duplicate the authentic cookies from Yahoo, and create duplicates.
These duplicates were then processed into a format to give access to multiple accounts simultaneously.
The information beached included names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or un-encrypted security questions and answers.
Payment card data and bank account information were not stored in the system believed to be affected.
3) Tesco bank – Daylight robbery – November 7th, 2016
This is the first instance of a bank having actual live accounts compromised on a large scale.
‘The most serious cyber-attack launched against a UK bank’
Tesco Bank manages around 136,000 current accounts, this hack involved the theft of £2.5m from 9,000 customers’ accounts.
Tesco reimbursed the customers.
It represents a landmark hacking in that:
- A successful breach of a financial institutions security: Previously, customers had been placed at risk through their own activity, or mis-activity, through phishing sites, fake emails or online scams.
- The size of the attack: Over 9,000 customers.
Most customers had around £600 stolen, although one reported a sum of £2,400 removed from their bank during the incident.
2) Miria botnet DDoS attack – October 21st, 2016
Although the previous attacks claim ‘state sponsored’ knowhow behind the attacks, this, what is know as the ‘Maria botnet’ DDOS or brute force attack was a first both in terms of scale and methodology.
DDOS are common in the world of internet. The idea is simple; spam a site with so many requests that the servers overheat and stop serving up the traffic.
The solution has been mostly the use of CDN’s or content distribution networks’s. These create a ‘cache’ of content live on the cloud, taking the content of websites away from individual servers, and distributing it among a worldwide network of servers, each serving content to it’s locality.
Once a webpage has been accessed once, that content is moved from the host servers to the cloud servers, and from then on, any repeat requests are dealt with from there.
Miria botnet was a denial of service attack. Unlike previous denial of service attacks, it didn’t use PC or mobile web requests but requests from web-enabled devices. We’re talking routers, DVRs, CCTV cameras, and any other ‘smart’, internet-connected appliances, baby cameras etc.
These items are now collectively know as the Internet Of Things (IOT).
DYN
DYN provides the mapping for Domain Name Servers, that is: it addresses the requests you type into your browser and serves them up converting them from a raw ip, to a recognisable, alphabetical domain name.
According to Dyn, a distributed denial-of-service (DDoS) attack began at 7:00 a.m. (EDT) and was resolved by 9:20 a.m. A second attack was reported at 11:52 a.m. and Internet users began reporting difficulties accessing websites. A third attack began in the afternoon, after 4:00 p.m. At 6:11 p.m., Dyn reported that they had resolved the issue.
Affected websites:-
- Airbnb
- Amazon.com
- Ancestry.com
- The A.V. Club
- BBC
- The Boston Globe
- Box
- Business Insider
- CNN
- Comcast
- CrunchBase
- DirecTV
- The Elder Scrolls Online
- Electronic Arts
- Etsy
- FiveThirtyEight
- Fox News
- The Guardian
- GitHub
- Grubhub
- HBO
- Heroku
- HostGator
- iHeartRadio
- Imgur
- Indiegogo
- Mashable
- National Hockey League
- Netflix
- The New York Times
- Overstock.com
- PayPal
- Pixlr
- PlayStation Network
- Qualtrics
- Quora
- Roblox
- Ruby Lane
- RuneScape
- SaneBox
- Seamless
- Second Life
- Shopify
- Slack
- SoundCloud
- Squarespace
- Spotify
- Starbucks
- Storify
- Swedish Civil Contingencies Agency
- Swedish Government
- Tumblr
- Twilio
- Verizon Communications
- Visa
- Vox Media
- Walgreens
- The Wall Street Journal
- Wikia
- Wired
- Wix.com
- WWE Network
- Xbox Live
- Yammer
- Yelp
- Zillow
Not a large outage, but a significant disruption. Dyn stated that they were receiving malicious requests from tens of millions of IP addresses totaling 1.2Tbps at it’s peak.
Following the attacks, the code behind botnet was released on Hackforums by a user called Annie-senpai.
The Marai virus continues to grow and mutate, and has made one further, smaller appearance later this year.
No doubt it will be back.
1) Hacking of the US elections – November 2016
Following the election of Donald Trump, it emerged that undue influence in the form of leaked emails provided Trump with the apparatus to bring claims against his competitor which were both true, and supported by admissible evidence.
The fact that this evidence had been unearthed by a group of hackers from a foreign and hostile power, means in essence, the US election had been hacked.
Cozy Bear and Fancy Bear
Intelligence reports an appointed independent group concluded that the attacks had been carried out by two separate, state sponsored Soviet hacking groups; one called Cozy Bear, one called Fancy Bear.
Post-election information led to “a high level of confidence” that Putin “personally directed” the operation.
To read more about Cozy Bear and Fancy Bear.
Donald Trump, the incumbent, continues to refuse to acknowledge the significance of the hack, which involved intercepting the emails of Ms Hillary Clinton, who was using an illegal server with which to conduct White House business of a sensitive nature.
This included a dirty tricks campaign to remove her running partner Bernie Saunders from the race, the details of which were all corroborated by emails and data stored on the illegal server.
The information was then passed to a popular wiki website, where it was published and subsequently to the FBI, where it was investigated.
Both the owner of the popular website and the incumbent US president, deny the emails originated from Russia, or Russian intelligence.
Thankyou goodbye
So there’s the list.
If you thought 2016 was the year of anti-establishment ‘populism’ and dead celebrities, you were wrong.
The list just proves…..
2016 was the year of the hack……
One thought on “The biggest hacks of 2016 – A year in hacking”
Wooouuuuuu….hacking 2016……wonder what 2017 has in store 🙂