December 28th news, December 19, 2011 has a China hacker called the godfather of Goodwell Gong Wei in the Tencent micro-blog published a micro-blog once again pointed out that the Internet trust crisis triggered at any moment later 48 hours, China Internet ushered in the history of the most catastrophic security incident. Tencent science and technology special invited Gong Yu from a professional point of view of the incident depth analysis.
Gong Wei said that the hackers released a user account for about 100 million of a user account and password information, is expected to master the hacker underground Internet users account for more information, this leaked and published with the actual hackers master user account number compared to the tip of the iceberg, is expected to have nearly 4 to 600 million users the account information spread in the hacker underground areas (2011 Internet data statistics, Chinese Internet users was 480 million), the hackers released a few website data information is the spread of the hacker underground library explosion.
he revealed that a considerable part of the site to store the user password in plaintext, the analysis is expected to have about 200 million of the user’s password is stored in plaintext. More than 90% of the site using the open MD5 algorithm to store the user’s password, through a simple rainbow table collision (a way to crack the password encryption) can be encrypted in a few seconds to decipher the password.
below is the basic timetable for the disclosure of this account:
December 21st: CSDN 640W user accounts, passwords, mailboxes were hackers leaked
December 22nd: China’s major well-known Web site fully occupied. Involving a wide range of disclosure of information related to the user a lot of related business. A sweep of the entire Chinese password security problems broke out..
December 23rd: after confirmation of CSDN leakage play Fantasy Westward Journey through the Trojan leaked account leaked renren.com part of the leaked
December 23rd: friends broke the news of the fall of the earth… 7K7K package contains the account password!!! What is the Internet security???
December 24th: 178 fall UUU9 fall incident spread
December 24th: Horizon full fall leaked up to 900W account information…
December 24th: NetEase civil online also fall, the amount of data amazing
December 25th: Baidu account account information disclosure platform open account
December 25th: Beijing Kirin network Mdt InfoTech Ltd suspected leaked Baidu and PPLive account and password and account information disclosure of all their own…
December 25th: UUU9.COM was dragged two times by hackers..
December 25th: escalation of the situation of the suspected leak 4000W user >