Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Android Forums Suffers Data Breach

Android Forums, one of the most popular online Android communities, informed members this week that the server hosting its website has been breached, allowing attackers to access some user information.

Android Forums, one of the most popular online Android communities, informed members this week that the server hosting its website has been breached, allowing attackers to access some user information.

According to representatives of Neverstill Media, which maintains Android Forums, hackers only managed to access information on 2.5 percent of active users. The compromised data includes email addresses, hashed passwords and salts.

Neverstill said usernames and financial data were not accessed. The company also noted that the breach only affected one staff member and only 40 users who registered accounts in 2016 and 2017. More than half of the compromised accounts had never posted anything on Android Forums, leading developers to believe they may have been bots.Android Forums hacked

Affected users have been notified via email and instructed to change their passwords. The passwords of impacted accounts that had not been active were automatically randomized.

The accessed information can be leveraged for spam and phishing campaigns, and users have been advised to be cautious.

“This could be someone who is upset with us who hopes to use the information against staff. They could blackmail us and threaten to publish the information publicly,” Android Forums told users.

The vulnerability exploited by the attackers has been patched and various security improvements are being made to prevent incidents in the future.

This is not the first time Android Forums has suffered a data breach. A similar incident took place in 2012, when more than one million users, including staff, had their details exposed. At the time, attackers accessed usernames, email addresses, hashed and salted passwords, IPs, and other data.

It’s unclear why usernames have not been stolen in the latest breach, but Android Forums has some theories.

Advertisement. Scroll to continue reading.

“Perhaps just in case a null entry was to be found/flagged. Perhaps they were bound by the limitations of the vector they used. Perhaps they were practicing on us,” users were told. “Or, they could be comparing hashes against the previous set to see what has or has not changed.”

Related: Epic Games Forums Hacked Again

Related: User Data Stolen in Ubuntu Forums Breach

Related: Two Million Impacted by Dota 2 Forum Breach

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.