What happened to adult friend finder
That security analyst, known as Revolver, denied any participation in the hack. Hackers can use this collision exploit to their advantage.The truth is, hackers can use collision to forge a digital signature and access a user’s account. In fact, there are free resources online that allow you to decrypt SHA-1 Hash.It was just a matter of time, until a huge security breach happened.One of the biggest data breaches of 2016 was the Adult Friend Finder incident.
Networks, the parent company of those sites, has reportedly been hacked, resulting in the leak of of over 412 million accounts, according to Leaked Source (h/t to CSO).Local File Inclusion(LFI) was the type of attack that breached A. This attack is where the hacker is attempting to gain access to the server by including a malicious file in a vulnerability found when a multimedia file upload is incorrectly configured by the server. and their sister sites, 99 percent of the server database containing usernames, passwords, and emails were cracked as Friend Finder Network(FFN) stored sensitive information in plain text and used an outdated security algorithm known as Secure Hash Algorithm with pepper (SHA-1) .This type of attack would allow the hacker to view local files stored on the server. SHA-1 is a hash function algorithm that encrypts and hides files and data.“Immediately upon learning this information, we took several steps to review the situation and bring in the right external partners to support our investigation.” Some of the claims were false extortion attempts, Ballou said, but the company “did identify and fix a vulnerability that was related to the ability to access source code through an injection vulnerability.” I’ve reached out to Friend Finder and will update this story if I hear back.Editor’s Note: In the tech indsutry, where everyone is constantly preparing for the inevitable, Jeremy Ho, Aaron Murray, Christopher Barron, Spencer Thomas and Vincent Le describe one of the most prominent web application targeted attacks in this blog post — Local File Inclusion (LFI), which also led to one of the biggest hacks in 2016 that revealed millions of customers’ sensitive information.