Ashley Madison Passwords for 11 million accounts have been hacked. There seems to be no end in sight for Ashley Madison’s troubles when passwords for 11 million of their accounts have been hacked recently.
Passwords Canadian website deception could not be hacked before because employ a bcrypt algorithm. But according to New York Today, a group of highly qualified individuals in the piracy, employed by Prime-a research group cybersecurity Cynosure was able to decipher the passwords of at least 11 million users of Ashley Madison.
NYC Today Ashley Madison said algorithm uses a bcrypt it was very difficult to decipher.
But Prime Cynosure could encrypt passwords 16 million of the 32 million accounts were hacked, revealing more than 11 million user passwords.
Cynosure First explained how they did it in his blog that were seen in the second filtration git landfills and identified two features of interest. When they looked more closely at the dumps git, they discovered that they could use these functions to serve as “helpers” and accelerate the process of cracking the hashes bcrypt.
They added that by using the two methods of generation unsafe “$ logkinkey” seen in two different functions, we were able to accelerate the process of cracking passwords bcrypt hash.
Rather than going directly at the bcrypt hashes and cracking them, which takes a lot of time, they decided to take a more efficient method and simply go after the “md5(lc($username) .”::”.lc($pass)) and md5(lc($username).”::”.lc($pass).”:”.lc($email).”:[email protected]^bhhs&#@&^@[email protected]*$”) tokens instead.
After deciphering the mode, Cynosure First just having the right box bcrypt signal his counterpart.
Prime Cynosure also noted that “variable loginkey $” is used to log on to the site and automatically generated each time a user account is created and re-created when the user changes the details of your account, such as user names, passwords, and email addresses.
Due to the hacking incident, Ashley Madison is facing lots of lawsuits in Canada and the US
Noel Biderman, CEO of Ashley Madison, had to resign after the incident.
Cyber security experts are advising people to use a strong password only one, indicating that the security of one’s identity online should also fall in the risk.