Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Android Forums Suffers Data Breach

Android Forums, one of the most popular online Android communities, informed members this week that the server hosting its website has been breached, allowing attackers to access some user information.

Android Forums, one of the most popular online Android communities, informed members this week that the server hosting its website has been breached, allowing attackers to access some user information.

According to representatives of Neverstill Media, which maintains Android Forums, hackers only managed to access information on 2.5 percent of active users. The compromised data includes email addresses, hashed passwords and salts.

Neverstill said usernames and financial data were not accessed. The company also noted that the breach only affected one staff member and only 40 users who registered accounts in 2016 and 2017. More than half of the compromised accounts had never posted anything on Android Forums, leading developers to believe they may have been bots.Android Forums hacked

Affected users have been notified via email and instructed to change their passwords. The passwords of impacted accounts that had not been active were automatically randomized.

The accessed information can be leveraged for spam and phishing campaigns, and users have been advised to be cautious.

“This could be someone who is upset with us who hopes to use the information against staff. They could blackmail us and threaten to publish the information publicly,” Android Forums told users.

The vulnerability exploited by the attackers has been patched and various security improvements are being made to prevent incidents in the future.

This is not the first time Android Forums has suffered a data breach. A similar incident took place in 2012, when more than one million users, including staff, had their details exposed. At the time, attackers accessed usernames, email addresses, hashed and salted passwords, IPs, and other data.

It’s unclear why usernames have not been stolen in the latest breach, but Android Forums has some theories.

Advertisement. Scroll to continue reading.

“Perhaps just in case a null entry was to be found/flagged. Perhaps they were bound by the limitations of the vector they used. Perhaps they were practicing on us,” users were told. “Or, they could be comparing hashes against the previous set to see what has or has not changed.”

Related: Epic Games Forums Hacked Again

Related: User Data Stolen in Ubuntu Forums Breach

Related: Two Million Impacted by Dota 2 Forum Breach

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Madhu Gottumukkala has been named Deputy Director of the cybersecurity agency CISA.

Wendi Whitmore has taken the role of Chief Security Intelligence Officer at Palo Alto Networks.

Phil Venables, former CISO of Google Cloud, has joined Ballistic Ventures as a Venture Partner.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.