CTOnews.com, December 10, according to CCTV news official WeChat, a job recruitment App SMS CAPTCHA interface encountered more than 13 million attacks. Police investigation found that two suspects took advantage of website vulnerabilities to make hacker software and carry out a "hit library" attack to obtain a large amount of personal information and company account data to be sold abroad.
CTOnews.com also learned from relevant reports on CCTV that some time ago, the Beijing police received a report from an Internet company in its jurisdiction that the SMS CAPTCHA interface of its job search and recruitment category App had suffered more than 1300 attacks and successfully matched more than 300,000 registered accounts. Beijing police quickly determined that this was a case in which hackers took advantage of website loopholes to illegally obtain account information and use it for illegal activities.
According to reports, the suspect Yu confessed that he registered an account on the recruitment platform on October 18, 2022 and made several attempts to verify the interface. He found that the signature algorithm of the website was relatively simple, so he took advantage of this weakness to write instructions and make hacker software to "hit the library" attack on the website.
If users use the same user name and password on different platforms, the hacker has a "master key": as long as the login is successful, the hacker can get personal information at will.
At the same time, he also used similar methods to infiltrate other major websites and looked for opportunities to inquire about website vulnerabilities, which he used as bait to sell malicious programs and hacker tools he had written to others for profit. Through the unremitting efforts of the police, the task force successfully arrested another suspect, Jiao, in Chengdu, Sichuan, and seized more than 3.3 million pieces of data from various companies and personnel at the scene.
Suspects Yu and Jiao have been criminally detained in accordance with the law for sabotaging the computer information system, and the case is under further processing.
The investigators of the Network Security Corps of the Beijing Municipal Public Security Bureau put forward the following suggestions for setting passwords for users:
Avoid being too simple and easy to guess.
Do not check the options such as "remember password" and "default login" when logging in to personal accounts for public devices. Choose anonymous login as far as possible.
When using third-party App or unknown applications that need to fill in important account passwords, be cautious and minimize the disclosure of detailed personal information.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
CTOnews.com news on November 4, according to the latest report released by market research firm Jon Peddie Research, global PC CPU shipments in the third quarter of 2023 were 62.7 million yuan, a month-on-month increase
CTOnews.com October 27 news, today, Xiaomi released the Redmi projector, the standard version of the first launch of 999 yuan, PRO version of the first release of 1299 yuan CTOnews.com learned that Xiaomi Redmi projector supports 1
"only innovation can lead the future." Lan Han Interactive, a technology company specializing in overseas marketing, has been at the forefront of the interaction between AI and digital media, constantly providing a full range of quality services for Chinese overseas brands. Recently, Lan Han Interactive acts as an agent for Microsoft advertising in China.
Thanks to CTOnews.com netizens Mute, Yong Mi, very home and very afraid of the delivery of clues! CTOnews.com October 24 news, Xiaomi today officially launched a new sports Bluetooth headset, or bone conduction headset-Xiaomi bone conduction headset, today
Thanks to CTOnews.com netizens who are very homesick and afraid of the delivery of clues! CTOnews.com June 11 news, Haikangwei launched A4000 series 2TB PCIe 4.0 solid-state disk, the original price of 549 yuan, June 12