More Passwords, Please: 98 Million Leaked From 2012 Breach Of 'Russia's Yahoo'

Sean Gallagher, writing for ArsTechnica: Another major site breach from four years ago has resurfaced. Today, LeakedSource revealed that it had received a copy of a February 2012 dump of the user database of Rambler.ru, a Russian search, news, and e-mail portal site that closely mirrors the functionality of Yahoo. The dump included usernames, passwords, and ICQ instant messaging accounts for over 98 million users. And while previous breaches uncovered by LeakedSource this year had at least some encryption of passwords, the Rambler.ru database stored user passwords in plain text -- meaning that whoever breached the database instantly had access to the e-mail accounts of all of Rambler.ru's users. The breach is the latest in a series of "mega-breaches" that LeakedSource says it is processing for release. Rambler isn't the only Russian site that has been caught storing unencrpyted passwords by hackers. In June, a hacker offered for sale the entire user database of the Russian-language social networking site VK.com (formerly VKontakte) from a breach that took place in late 2012 or early 2013; that database also included unencrypted user passwords, as ZDNet's Zach Whittaker reported.

I GOT BITTEN BY A BULGARIAN ONCE

   

Re:I GOT BITTEN BY A BULGARIAN ONCE

And you liked it

Re:Plain Text

I run a moderately popular site that stores passwords in plaintext. Wanna know why?
So I can look at your password.
99x / 100 people use the same username, password, and email for everything. Even their bank.

ICQ

[freeze128]

Does anyone in the US use ICQ anymore? The last I heard from it was the late 90's, then AOL messenger and Yahoo messenger dominated the marketplace.

Re:ICQ

[CastrTroy]

I don't use it anymore, but I looked it up a few months ago, and it actually seems to be a pretty good solution. It has clients for just about every device and operating system. Which seems a lot better than any of the other instant messaging systems that seem to want to limit themselves to certain devices. Services like iMessage or Snapchat come to mind. I didn't actually download and try it, so I can't speak to the quality of how well it works, but it does look like it at least tries to be supported on just about every platform.

Re:ICQ

[marmot7]

Is the fact that an artifact that shouldn't have been found until archeologists had a go at cyberspace, ICQ(!), was found mean something? The data is old? This is some sort of cosmic joke? ICQ, wasn't that already on the way out by end of the '90s?

Re:ICQ

Does anyone in the US use ICQ anymore? The last I heard from it was the late 90's, then AOL messenger and Yahoo messenger dominated the marketplace.

ICQ has been Russian since 2010.

Well, it was already Israeli from the beginning... And AOL brought it in-between...

Re:ICQ

[antdude]

A couple people and I still do, but rarely. However, we don't use native clients. We use third parties like Trillian, Pidgin/Finch, etc. I am disappointed with Yahoo! for locking them out. :(

Re:Plain Text

My password is 12345, which is also the combination on my luggage. It's served me well for many years. Don't see any reason to start changing it now.

Auth secrets should always be LOCAL

[Morgaine]

When authentication secrets are stored centrally on a website then they are always at risk, regardless of the methods used to protect them. Good sites make the stored information hard to crack, and poor sites make it easy, but they are all at risk --- from internal employee corruption if nothing else. Those secrets will leak because when stored at a single point then they are all accessible to the attacker at a single point. Mass leakage is just a matter of time.

A vastly more secure approach that has been well known for decades is based on PKI, in which the user stores their auth secret locally in a private key, one half of a {private,public} PKI key pair. The server only gets to know the user's public key, and it's pointless for an attacker to crack that because the public key is public information that can be distributed freely through keyservers. (The PGP/GnuPG keyserver network has been doing this for decades.)

When a user creates an account on some website, she provides the identifier of her chosen public key (she may have lots of them). When logging in to the account subsequently, the server looks up her public key identifier in the info held for this account, fetches her public key from the keyservers, then it sends her a random string encrypted with her public key. She decrypts it with her private key (which is only held locally by the user, nowhere else) and sends the decrypted string back. The server accepts the login if the returned string matches the random string that it picked, which is not stored anywhere and varies on every login, and it rejects the fraudulent login attempt if the match fails. All this can be completely automatic.

That's strong distributed security, and it's resistant to MITM attacks and does not store any authentication secrets on the central service so those secrets cannot leak when the service is compromised.

This kind of PKI-based approach is not rocket science. Why this old but secure scheme isn't used by websites is a big mystery. The reason isn't user inconvenience, since PKI can be packaged up to look trivial to end users if developers take the trouble. And so, websites get hacked and their users' auth secrets get revealed by the millions, surprise surprise.

Re:Auth secrets should always be LOCAL

[Joce640k]

Huh?

People have been hashing passwords since the 1970's. It's a solved problem, one extra line of code and all programmers know about it.

If these sites are storing passwords in plain text it's because they WANT to store them in plain text. They're using them for something (eg. sniffing people's email/Facebook/bankaccount/whatever).

No amount of crypto theory is applicable to these sites because they're not interested in it.

Re:Auth secrets should always be LOCAL

You entirely missed the OP's point that no secret of any kind needs to be stored on servers in any form whatsoever when PKI is used. It doesn't rely on correct handling of the secrets with hashing or anything else, because there are no secrets held on the server at all.

Nothing, zilch. And when there's nothing secret on the server then there is nothing secret to leak when the server is cracked.

If you defend storage of hashed secrets on servers then you are part of the problem, because not everyone will do it correctly and therefore massive spills will occur, it's completely inevitable. That's where we are already today.

Re: Auth secrets should always be LOCAL

[ljw1004]

PKI... How would you share it with your desktop and cellphone and Alexa? ("local" doesnt exist...) And make it work from cellphone web browsers?

Re:Auth secrets should always be LOCAL

She decrypts it with her private key (which is only held locally by the user, nowhere else) and sends the decrypted string back

I think you mean that she sends the decrypted string back, after encrypting it with the recipients public key.

Re:Auth secrets should always be LOCAL

I think you mean that she sends the decrypted string back, after encrypting it with the recipients public key.

That's a very good recommendation from a belt-and-braces perspective, because it makes the cleartexts unavailable for differential cryptoanalysis.

In addition to re-encryption, it is important that the returned string first be signed with her private key to avoid replays by injection in case the session key is compromised.

Re:Plain Text

[ByTor-2112]

Wanna know what is more useful than storing plaintext passwords? Storing plaintext incorrect passwords.

Re:Plain Text

[Joce640k]

I can't understand in any way, that a site that size can be running with plain text passwords. In 2012.

Don't attribute to stupidity anything which can adequately be explained by malice.

Maybe somebody wanted your password. Lots and lots of people use the same password for everything. Maybe these sites were using people's passwords to sniff their Facebook accounts, their email, who-knows-what...?

It really is the way some CEOs think, and what they'll order their programmers to do.

Russian yahoo

Does the Russian yahoo go bankrupt and implode like ours does?

Slashdot filter

[aardvarkjoe]

Could we get all of the "accounts at X compromised" stories put into a dedicated section that we can filter out of the front page if we so desire?

I get that these are important to those people who are affected, but it's getting to the point where there's at least one, sometimes more, of these stories every day. There's nothing new to be said about the topic.

Re: Plain Text

Wanna know what's even more arousing than storing incorrect passwords? Porn. The answer is porn.

Australian 2016 Census

Should be eventful when the 2016 census is released online in plain text

Re:Plain Text

[Mashiki]

Well if someone wants my ICQ password they're welcome to it. I don't think I've used it since 2001 and have had many passwords since.