Adobe user forum suspended after hack

Status
Not open for further replies.

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
TGDaily said:
Adobe has become the latest victim of hackers, suspending its Connectusers.com forum after login details were published online.

adobe_hack.jpg


The company says it's resetting the passwords of all affected forum members and hopes to restore service as soon as possible. It will alert users whose passwords have been reset once the site's back up and running again.

"At this point of our investigation, it appears that the Connectusers.com forum site was compromised by an unauthorized third party," says the company in a blog post.

"It does not appear that any other Adobe services, including the Adobe Connect conferencing service itself, were impacted."

The Egyptian hacker, who calls himself ViruS_HimA, claims on Pastebin to have stolen credentials for 150,000 forum users, and has publisahed 644 database entries.

"I have Hacked into one of Adobe servers, Gained full access to it, Dumped the Database, It contains over 150,000 Emails,Passwords with full data for a lot of Adobe customers and partners including Emails and Passwords for "Adobe Employees", "US Military", "USAF", "Google", "Nasa", ".Edu" and many many more companies around the world!," reads the post.

"Adobe is a very big company but they don't really take care of them security issues, When someone report vulnerability to them, It take 5-7 days for the notification that they've received your report!!
It even takes 3-4 months to patch the vulnerabilities
!"

Paul Ducklin of security form Sophos is critical of Adobe's security.

"Firstly, the passwords in the list are hashed, but without any salt. A salt is random content mixed with the password before hashing, so that repeated passwords do not cause repeated hashes. You simply must use salted hashes, to stop crackers using a simple precomputed dictionary to crack your passwords super-fast," he says in a blog post.

"Secondly, the hashes consist of a single iteration of MD5 applied directly to the password. You simply must use many iterations of your chosen hash, to slow down crackers by making brute-force attacks harder by a factor as big as the number of iterations."

Read more: http://www.tgdaily.com/security-features/67509-adobe-user-forum-suspended-after-hack
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top