The members of the hacker group OurMine able to hack an account director general of Google Inc. Sundar Pichai when questions and answers Quora. This was reported in the twitter Sundar Pichai.
Cybercriminals have written on behalf Pichai several messages in which talked about the burglary. Messages are automatically published on Twitter, but they were quickly removed. Issue The Next Web has had time to take a screenshot of messages.
Hackers have explained his actions by saying that they wanted to check the level of security of the service. "We just check the protection level, we will never change the password. We do this because other hackers can break into these accounts and change everything "- they said.
This is not the first trick of hackers OurMine. In early June, they broke into the accounts of Facebook founder Mark Zuckerberg's social network Instagram, Twitter, LinkedIn and Pinterest. According to some experts, hacking Zuckerberg pages in social networks took place because of the theft of personal data from LinkedIn. LinkedIn was hacked in 2012, allowing the hackers gained access to the data of 117 million users.
Cybercriminals of OurMine say they just want to check the vulnerability of sites. They noted that never change passwords, and account for their actions by what other hackers can gain access to personal pages and "change everything."
How do they do it?
In March 2013 the famous American online magazine Ars Technica conducted an interesting experiment. The editor Nate Anderson armed with freely available software on the Internet and the largest in recent years, database password hashes RockYou website. With these tools never before hacking passwords Anderson cracked a few hours a little less than half of the list of 16449 MD5-hashes.
Encouraged by the success, Ars Technica magazine decided to run an experiment again, but with the assistance of three professional burglars. 12 hours hackers managed to get 14,734 a password that is 90% of the list. Why user passwords so easy to decipher?
First of all, hacked "simple" password, since it takes the least time, experts say. Then, like in a computer game, hackers go to higher levels. First, they use the principle of "brute force" that allows you to decrypt more than half the length of passwords from one to six characters, which include the 26 letters, 10 digits and 33 other characters. It received a small number of combinations, which is usually a desktop can quickly calculate.
Increasing the number of characters on one or two greatly increases the number of options, search already take several days. selection method for a long passwords can take years. Therefore, to break the long and complex passwords using dictionary lists prepared on the basis of real user passwords, "lit up" in various leaks.
These include lists of great value to hackers base is RockYou, which is constantly updated as a result of new leaks. Leaks have shown that users of public Web sites and social networks rarely invent complex passwords. They believe that the information placed there, is not of interest to hackers. For example, more than 290 thousand at RockYou passwords are a combination of the well-known "123456". Also, many users use different services on the same password, which greatly facilitates the work of hackers.
Although guaranteed can not protect yourself from password cracking, but can significantly complicate the work of computer criminals, experts say. To do this, experts suggest using passwords at least 11-12 characters. Also, the password should contain alphabetic characters in a different case letters, numbers and other symbols. In addition, the password should not be read as a clear pattern. Experts also recommend not to use at different sites the same password and how to change them frequently.
I upvoted You
How do they do it? Very simple! always have to be alert. UPvoted!