4、信用卡论坛声称掌握1.5亿CloudBleed泄露数据
标题:Carders capitalize on Cloudflare problems, claim 150 million logins for sale
Filed under proof or it didn't happen… but we still don't know the full impact of Cloudflare's incident
作者信息:FEB 25, 2017 12:25 AM PT By Steve Ragan
//BEGIN
A carder forum is advertising a special deal to VIP members. The website claims to possess more than 150 million logins, from a number of services including Netflix and Uber. The source of this data collection are the accounts exposed due to a recent problem on Cloudflare's infrastructure.
CloudBleed is the name given to a flaw created by a faulty HTML parser chain that's responsible for dumping sensitive information from a number of Cloudflare customers across the web.
The flaw was accidentally discovered last week by Google researcher Tavis Ormandy. The incident impacted several large brands, including Uber, OKCupid, and Fitbit.
在一个关于信用卡的论坛上,有人专门针对其VIP会员兜售1.5亿CloudBleed遭泄露数据,这些数据的范围包括Netflix和Uber。但是奇怪的是,这个Netflix公司并不是Cloudflare公司的客户。
//END
CVV2Finder lists Netflix, Dominos, several "People Meet" dating websites, Tidal, CBS, Bitdefender, Origin, Dell, UPS, HBO Now, Spotify, and DirecTV accounts in their database as available to purchase. However, there are only 2,300 accounts, a far cry from the 150 million they are promising.
Again, if the offer is legit, that's bad news for a lot of people and several big brands. But from the looks of things, this is likely a hoax, or a website boasting in order to get more users.
We'll update this article if there is more information.
一个网站CVV2Finder列出了各种网站的数据包含其中。榜上有名的:Netflix,Dominos,各种约会网站,Tidal,CBS,Bitdefender(一个安全公司),Origin,DELL,UPS,HBO Now,Spotify,DirecTV等等。总数2300个,这与宣传的1.5亿相去甚远。
即便是这样,如果这些数据是真的话,那么对于我们很多人以及各大品牌的公司而言,将是一个梦魇。目前目测来看,很像是借这个云出血CloudBleed题材的谎言。不然不会这么凑巧。
点评:云出血的意思是每人都有份? |