Recently we became aware of a person or persons funneling large amounts of upload credit from other members. It appeared that this person was logging into these other accounts and sending the credit back to his/her own account. After quite a bit of investigation we have determined that the "hacker" was not exploiting a weakness in our code or our server but rather he was gaining access to these accounts simply by trying "123456" as the password for every account on our member list. Over the next few days we will be returning the upload credit to each of the affected accounts and implementing several new measures to prevent this kind of malicious activity from happening in the future, some of which are already in place.
During our investigation, we discovered an alarming number of users are and were using "123456" or similarly weak passwords. While we can breathe a small sigh of relief that it's not a sophisticated attack by highly intelligent and determined hackers, it does show us that there is a real need to remind our members that for their safety as well as the overall safety of bitGAMER, we must remind everyone to make their passwords as strong as possible. One excellent resource that can be used is Perfect Passwords. It is also highly recommended that you use a strong and unique password for every site you use and never use the same password at more than one site.
0 komentarze:
Post a Comment