Android Forums is an online forum for users, was the target of a hacker attack which could have led to user information involving passwords getting compromised, its operator Phandroid.com stated this Thursday.
Members of Android Forums have been asked to alter their passwords, after it was got that the server hosting the forum was settled and database of the website was accessed. The Android this forum has more than 1 million users.”The user table database of Android Forum was accessed,” an Android Forums Community Manager, known as Phases, declared in a post on the website on Tuesday. He told it was absolutely possible that data was downloaded and the Android forum considered to be taken action assuming that it was.
Information in the user database possessed information like unique IDs, usernames, emails, hashed and ‘salted” passwords, and registration IP addresses, as post revealed. A hash is a cryptographic display of a password and salted hashes include inserting random qualities into the hash.
Following the circumstances, passwords were changed to random strings, beginning with those of about 100 staff. All the Database code and the file system were also viewed again for malicious edits and uploads and it was checked out that other web sites on the network were not accessed.
The hack was most likely an email harvesting attempt, according to community manager. He further pointed out that a spammer could theoretically try to bulk e-mail all AF users with the user database. Users have been suggested to alter their password on Android Forums and other websites where they have same username and password. “This can be done while logged-in by means of your userCP or using the “forget your password”? Page if logged-out,” as stated in the post.
“It looks like online security breaches are, unluckily, just a sign of our times,” Phandroid told referring to the hacks reported in this week at Yahoo and Formspring. It also told it was seeking for a penetration tester that can support it with an audit.
A group of hackers issued on the Internet on Thursday a list of more than 453,000 log-in credentials that were stolen from a database relating to unnamed Yahoo service.
Formspring, a social network, said Tuesday that it had a security breach which may have led to lot of user passwords being accessed. More than 420,000 password hashes from Formspring site, were posted to a security forum. The company blocked all user passwords and motivated about 28M users to change them the next time they logged in.