What happened to adult friend finder
Keep this in mind and it will prevent many bad things from happening online."Other experts have criticized the way the personal data was stored, particularly with regards to the importance of password security."Storage of clear-text passwords is inexcusable in today's world," says Mike Raggo, chief research scientist at social media security firm Zero Fox.Networks, the parent company of those sites, has reportedly been hacked, resulting in the leak of of over 412 million accounts, according to Leaked Source (h/t to CSO).
LFI is an exploit of a vulnerability that occurs an input is not properly sanitized. FFN had no parameters when setting up an online account allowing users to create simple passwords, of the 412 million users 900,420 of the user passwords were “123456”.
“Immediately upon learning this information, we took several steps to review the situation and bring in the right external partners to support our investigation.” Some of the claims were false extortion attempts, Ballou said, but the company “did identify and fix a vulnerability that was related to the ability to access source code through an injection vulnerability.” I’ve reached out to Friend Finder and will update this story if I hear back.
Editor’s Note: In the tech indsutry, where everyone is constantly preparing for the inevitable, Jeremy Ho, Aaron Murray, Christopher Barron, Spencer Thomas and Vincent Le describe one of the most prominent web application targeted attacks in this blog post — Local File Inclusion (LFI), which also led to one of the biggest hacks in 2016 that revealed millions of customers’ sensitive information.
If confirmed, the breach would be largest known breach of personal data this year.
It is the second time in as many years that Adult Friend Finder has been hacked, following 3.5 million user records being exposed in May 2015.
Local File Inclusion(LFI) was the type of attack that breached A. This attack is where the hacker is attempting to gain access to the server by including a malicious file in a vulnerability found when a multimedia file upload is incorrectly configured by the server. and their sister sites, 99 percent of the server database containing usernames, passwords, and emails were cracked as Friend Finder Network(FFN) stored sensitive information in plain text and used an outdated security algorithm known as Secure Hash Algorithm with pepper (SHA-1) .