Skip to main contentdfsdf

Home/ parentevent1's Library/ Notes/ Hackers Smuggle Millions Of Minecraft Passwords

Hackers Smuggle Millions Of Minecraft Passwords

from web site

Mundo's images Mundoimg


Hackers steal millions of Minecraft passwords



29 April 2016



Hackers have stolen login data for more than seven million users of the Minecraft site Lifeboat.



Lifeboat members are able to run servers to create custom multiplayer maps for Minecraft's smartphone version.



Evidence suggests that stolen data including email addresses and passwords is being offered by sites which sell hacked files.



The study suggests that passwords were weakly secured, allowing attackers to easily work them out.



Minimise damage



The information about the breach was shared with independent security expert Troy Hunt who said he received the list from a person who deals in stolen credentials. A number of people had informed him that the data was circulating on dark web sites.



Mr Hunt said that the data was stolen in early 2016, but the breach has only recently been discovered.



He stated that passwords for Lifeboat accounts had been washed but the algorithm used provided very little protection.



Hashing is a technique that is used to make passwords more difficult to read. cannot be read easily when the data is lost.
Mundo's images



Often, he said that a Google search for a password hashed will instantly give the correct plain text value. He added that well-known hacking tools could be able to automate this process and accelerate it.



He also stated that "a large percentage of these passwords will have been converted to plain text in a very brief time" in a blog post on the breach.



This often lead to other security issues the expert said, as many people reuse passwords, so that they can be exposed to attackers to compromise accounts on different sites.



In a letter to Motherboard, Lifeboat said it had taken action to mitigate the damage.



"When this happened in January, we determined that the best solution for our player was to force a reset password, without notifying hackers that they could only take action for a short period of time," it said to the news site, stating that it is now using stronger hashing algorithms.



It stated: "We have not received any reports of anyone being injured due to this."



Mr. Hunt was dissatisfied with the company's decision to "quietly" forcing the password re-set saying the policy rendered him "speechless".



He stated that Lifeboat could have been more proactive in advising users so they could quickly modify passwords if they were used on other websites.



"The first thing to be on the minds of any business after an incident such as this is, 'How do we minimize the damage to our users?'" He said.



Minecraft takes a leap into virtual reality



28 April 2016



Beautiful People data available online



26 April 2016



An estate agent is hiring Minecraft builders



30 March 2016



Minecraft to assist AI



14 March 2016

parentevent1

Saved by parentevent1

on Jan 05, 23