Hackers attack on Yahoo Voice exposes about 4, 50,000 passwords

A daring attack by the hackers on the Yahoo Voice service led to the revelation of details of about 450,000 users with their email addresses and passwords. A list titled “Owned and Exposed” which is “brought to you by the D33DS Company” was posted online early Thursday morning. To support their claim the hackers diligently posted in their opinion, the plain text credentials for the 453,492 Yahoo accounts in more than 2,700 data base table or column names and 298 MySQL variables all of which they claim to have been obtained in this rearing heist. A Yahoo spokesperson in Singapore declined to comment on this incident.

Similar attacks were reported to have been carried out separately against other online services that included the Formspring and Android Forums. In these services, the users are prompted to change their passwords immediately and to check whether they had also used the same password on other services or not. It is unknown whether both these attacks are linked or not. However, both Formspring and Android Forums have already encrypted the passwords that they had stored even though, it is not a guarantee that their passwords cannot be cracked or exposed.

The attack on Yahoo Voices is the most serious one as the affected accounts appeared to belong to the Voice over Internet Protocol or VOIP service called the Yahoo Voices that runs on Yahoo’s instant messenger. The Voices service is powered by Jajah which is a VOIP platform that was bought by Telefonic Europe BV in the year-2010. The website of the hackers where the original claim was made that is d33ds.co is untraceable on Thursday and the domain name was registered in the month of February.

The hacker’s sole intention seems to show the security lapses on the part of Yahoo and in a brief note at the end of the dump they mentioned that the parties responsible must see it as a wake up call and not as a threat. There are several incidents of Voices hack in recent months. LinkedIn the business networking site had admitted last month that its 6.4 million member passwords had been stolen from its website.

Security experts opined that the most worrying aspect of the attack is that the passwords for the account were not encrypted which gives hackers an open ground to pounce up on the emails and quickly start using them against other services that includes Yahoo mail.

Leave a Reply


Switch to our mobile site