Episode
86: The LinkedIn Incident
54:49
Published: Tue Mar 02 2021
Description
In 2012, LinkedIn was the target of a data breach. A hacker got in and stole millions of user details. Username and password hashes were then sold to people willing to buy. This episode goes over the story of what happened. For a good password manager, check out LastPass. Sponsors Support for this episode comes from Quadrant Information Security. If you need a team of around the clock analysts to monitor for threat in your network using a custom SIEM, check out what Quadrant can do for you by visiting www.quadrantsec.com. Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools. Support for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Chapters
This podcast delves into the various layers of the cybercrime supply chain, whereby stolen data is sold by hackers to brokers, who then find buyers through trusted third parties, with the data often used for spamming or promoting other illicit businesses.
00:00 - 01:20 (01:20)
Summary
This podcast delves into the various layers of the cybercrime supply chain, whereby stolen data is sold by hackers to brokers, who then find buyers through trusted third parties, with the data often used for spamming or promoting other illicit businesses.
Episode86: The LinkedIn Incident
PodcastDarknet Diaries
A hacker was able to bypass the front door network firewall by discovering an engineer with LinkedIn admin access, finding their personal website, and using that as a backdoor to gain entry into the company's network.
01:20 - 06:37 (05:17)
Summary
A hacker was able to bypass the front door network firewall by discovering an engineer with LinkedIn admin access, finding their personal website, and using that as a backdoor to gain entry into the company's network. This highlights the dangers of posting sensitive information on social media platforms like LinkedIn.
Episode86: The LinkedIn Incident
PodcastDarknet Diaries
A hacker managed to escape out of a virtual machine and onto the host computer by finding a private key to LinkedIn.
06:37 - 12:40 (06:03)
Summary
A hacker managed to escape out of a virtual machine and onto the host computer by finding a private key to LinkedIn. This highlights the importance of secure logins through public and private keys.
Episode86: The LinkedIn Incident
PodcastDarknet Diaries
Engineers search through server access logs to identify potential security breaches by analyzing user agent data.
12:40 - 16:54 (04:13)
Summary
Engineers search through server access logs to identify potential security breaches by analyzing user agent data. Implementing password hash salting provides another layer of security to protect against brute-force attacks.
Episode86: The LinkedIn Incident
PodcastDarknet Diaries
A hash of LinkedIn passwords was found for sale on an online forum, leading to the discovery that hackers had gained access to the LinkedIn network and stolen users' data, prompting LinkedIn to rebuild servers, force employee password changes, and inform affected users to change their own passwords.
16:54 - 24:40 (07:46)
Summary
A hash of LinkedIn passwords was found for sale on an online forum, leading to the discovery that hackers had gained access to the LinkedIn network and stolen users' data, prompting LinkedIn to rebuild servers, force employee password changes, and inform affected users to change their own passwords.
Episode86: The LinkedIn Incident
PodcastDarknet Diaries
After a journalist contacted FormSpring and revealed their user’s data had been hacked, FormSpring's technical and marketing team quickly responded and investigated the situation.
24:40 - 30:27 (05:47)
Summary
After a journalist contacted FormSpring and revealed their user’s data had been hacked, FormSpring's technical and marketing team quickly responded and investigated the situation. They found out that a user had logged into the web admin panel and ran SQL commands to grab user info such as emails, usernames and password hashes, and took steps to increase security measures.
Episode86: The LinkedIn Incident
PodcastDarknet Diaries
The FBI has identified a Chinese hacker alleged to be behind the 2017 Equifax breach, by cross-referencing user details from the VPN provider, HMA, with the Afraid.org domain registration platform.
30:27 - 40:40 (10:12)
Summary
The FBI has identified a Chinese hacker alleged to be behind the 2017 Equifax breach, by cross-referencing user details from the VPN provider, HMA, with the Afraid.org domain registration platform.
Episode86: The LinkedIn Incident
PodcastDarknet Diaries
A hacker stole 117 million user passwords from LinkedIn's social network for business in 2012 using ways to crack passwords.
40:48 - 46:02 (05:14)
Summary
A hacker stole 117 million user passwords from LinkedIn's social network for business in 2012 using ways to crack passwords. Brave's browser provides advanced browser features like Web USB without risking their privacy.
Episode86: The LinkedIn Incident
PodcastDarknet Diaries
The hacker responsible for the 2012 LinkedIn data breach was sentenced to 88 months in prison and ordered to pay $1.7 million in restitution for the damage caused.
46:02 - 53:50 (07:48)
Summary
The hacker responsible for the 2012 LinkedIn data breach was sentenced to 88 months in prison and ordered to pay $1.7 million in restitution for the damage caused. The hacker's identity was discovered through a chain of events connecting a user agent, a LinkedIn account, and a bank card used for purchases matching other items purchased by the hacker.
Episode86: The LinkedIn Incident
PodcastDarknet Diaries
This is an ad promoting shirts for the Darknet Diaries shop and asking for monthly donations on Patreon to help keep the show running.
53:50 - 55:10 (01:19)
Summary
This is an ad promoting shirts for the Darknet Diaries shop and asking for monthly donations on Patreon to help keep the show running.