- 6 Nis 2016
- 96
- 0
https://xakep.ru/2016/08/19/dlh-and-leet-compromised/
Two Gaming Sites were Hacked, millions of activation keys for games in Steam were stolen
8/19/2016
It became known that two of very popular amongst fans of computer games resources were compromised: Leet.cc and DLH.net. Leaks aggregator, LeakedSource, has reported of both sites being hacked. They also reported that the same unknown hacker who was responsible for compromising forums of Dota2 at the end of July of 2016, has also hacked DLH.net . The danger of hacking Home DLH.net was due to the fact that the site held regular give aways of free keys for the computer games that were using Steam platform, which have now fallen in the "wrong hands" along with other user data.
The experts from the LeakedSource were able to obtain copies of the database dumps , which currently are being processed by employees of the company .Website DLH.net offers its visitors not only the latest news , game reviews and other useful information , but also hosts some of the very popular forums . According to the LeakedSource reports , it is the very database of forums' users that had been compromised . Hackers broke in through the gap in the vBulletin platform , all because the latest version of forums' engine was not yet installed. As a result, attackers have stolen the information on its 3.3 million users.Attackers kidnapped all recorded user data , their email- addresses, dates of birth , dates of registration on the site, user names in Steam, and tokens from Facebook, if a user entered the site via social network . About 84 % of all user passwords were only protected by MD5 algorithm , which is unlikely to be considered as a strong one. However, a number of passwords have been encrypted by a more reliable SHA- 1 algorithm .LeakedSource Experts have also noted that 9.1 million of activation keys to the games on Steam platform were also found in the database dump. Although many of these fifteen number codes have already been used and now were virtually useless , many of the users kept also unused keys in their accounts , to such games as KnightShift, Pirates of Black Cove, Final Fantasy IX , and so on . The exact number of valid keys is still unknown.
All things considered, ZDNet journalists managed to contact the site's operators who in turn denied the fact that the site was hacked. Representative of DLH.net Dirk Hassinger said : " We checked the log files on our servers and have not noticed any suspicious activity during the last two weeks ."But DLH.net was not the only gaming resource whose compromise became known today . LeakedSource experts also reported on the Leet.cc database leak . This service is used for creating and hosting Minecraft Pocket Edition servers.Representatives from LeakedSource stated that database contained info on 6,084,276 Leet.cc. users. In the hands of the attackers were usernames , hashed passwords, data on the time of registration and the last visit , userID and email- addresses. It is also known that in this case algorithm SHA- 2 (SHA512) were used for protection of passwords and the passwords were "salted".
Two Gaming Sites were Hacked, millions of activation keys for games in Steam were stolen
8/19/2016
It became known that two of very popular amongst fans of computer games resources were compromised: Leet.cc and DLH.net. Leaks aggregator, LeakedSource, has reported of both sites being hacked. They also reported that the same unknown hacker who was responsible for compromising forums of Dota2 at the end of July of 2016, has also hacked DLH.net . The danger of hacking Home DLH.net was due to the fact that the site held regular give aways of free keys for the computer games that were using Steam platform, which have now fallen in the "wrong hands" along with other user data.
The experts from the LeakedSource were able to obtain copies of the database dumps , which currently are being processed by employees of the company .Website DLH.net offers its visitors not only the latest news , game reviews and other useful information , but also hosts some of the very popular forums . According to the LeakedSource reports , it is the very database of forums' users that had been compromised . Hackers broke in through the gap in the vBulletin platform , all because the latest version of forums' engine was not yet installed. As a result, attackers have stolen the information on its 3.3 million users.Attackers kidnapped all recorded user data , their email- addresses, dates of birth , dates of registration on the site, user names in Steam, and tokens from Facebook, if a user entered the site via social network . About 84 % of all user passwords were only protected by MD5 algorithm , which is unlikely to be considered as a strong one. However, a number of passwords have been encrypted by a more reliable SHA- 1 algorithm .LeakedSource Experts have also noted that 9.1 million of activation keys to the games on Steam platform were also found in the database dump. Although many of these fifteen number codes have already been used and now were virtually useless , many of the users kept also unused keys in their accounts , to such games as KnightShift, Pirates of Black Cove, Final Fantasy IX , and so on . The exact number of valid keys is still unknown.
All things considered, ZDNet journalists managed to contact the site's operators who in turn denied the fact that the site was hacked. Representative of DLH.net Dirk Hassinger said : " We checked the log files on our servers and have not noticed any suspicious activity during the last two weeks ."But DLH.net was not the only gaming resource whose compromise became known today . LeakedSource experts also reported on the Leet.cc database leak . This service is used for creating and hosting Minecraft Pocket Edition servers.Representatives from LeakedSource stated that database contained info on 6,084,276 Leet.cc. users. In the hands of the attackers were usernames , hashed passwords, data on the time of registration and the last visit , userID and email- addresses. It is also known that in this case algorithm SHA- 2 (SHA512) were used for protection of passwords and the passwords were "salted".
