domingo, 5 de julio de 2015

Hackers - Secuestran data en Plex.tv

El sitio de películas Plex, competencia de HULU y Netflix, ha sido hackeado hace dos días. Según un comunicado de la empresa.

Información sensible, como cuentas de usuarios y contraseñas, ha sido comprometida por lo que instan a sus usuarios a cambiar sus contraseñas por una única y con niveles de complejidad.

Plex, por su parte, han reseteado todas las cuentas para que los usuarios cambien las contraseñas.

---"At approximately 1pm PDT yesterday (July 1st) we learned that the server which hosts our forums and blog was compromised. The attacker was able to gain access to some personal information, such as IP addresses, forum private messages, email addresses, and encrypted (hashed and salted) passwords for our forum users. As a precaution, we reset the plex.tv passwords of all users with linked forum accounts and reached out via email with further instructions for those affected. At this time, our forums remain offline while we complete our investigation. All other systems are online and operational."----

Han escrito ayer, que están dando conexiones SSL para mayor seguridad, sin costo alguno para los usuarios con Media Servers.

El hacker, con el aluas "Savaka", escribió en Reddit que les dió dos dias para que le paguen la recompensa en 9.5 bitcoins, y si no lo hacían en el tiempo acordado, aumentaría el valor de la recompensa 5 bitcoins más. En ultima instancia, si no se realizaba el pago, esparciría la data en múltiples sitios y "dejaría de existir" Plex.tv.

---"Hello,

My name is savaka and I like to hack things. Recently https://plex.tv/ (s) forum & website was compromised by me. I managed to obtain all of your data, customers as well as software and files.

I replaced the index.php of the administrator cpanel with a nice message, but the ones in charge of your data decided that it would be pretty lulzy' to remove the message and place the original index back there.

I gave them until the 3rd of this month to send 9.5 BTC to redacted or I would release all this data.

This ransom is still active and on the 3rd: if no BTC payment is made, the ransom wll go up by 5 BTC.

Eventually if no BTC payment is made, the data will be released via multiple torrent networks and there will be no more plex.tv

You can also pay me to remove your data from the content that's going to be released by e-mailing redacted - If you send an e-mail without BTC ready to send, I will add your data to a special list.

savaka

P.S I don't care who the BTC comes from as long as the payment is made: no data will be released.

I would like to think this guy is bluffing but we won't know until we hear about it from the Plex team."---

Por nuestra parte, si usted es un usuario de Plex.tv, le recomendamos encarecidamente cambiar su contraseña a la mayor brevedad posible.

Más información aquí: https://blog.plex.tv/2015/07/02/security-notice-forum-user-password-resets/

Fuente: Reddit, Plex.tv

Sent from my Windows Phone

0 comentarios:

My Tweets

Protegelas.com