lei feng network news, April 17, foreign media hackread broke, a group called CosmicDark suppliers in dark net selling youku database, the database includes 100759591 youku user account letter.
hackread reported, the database is leaked in 2016, the year exposure on to the Internet, it is unclear how this database is stolen, CosmicDark the database of the selling price was $300, or COINS, 0.2559 2065.56 yuan.
[CosmicDark in dark net selling youku database capture, image: hackread]
it is alleged that the data contains the youku user email address and password, and these letter rates are MD5 and SHA1 hash encryption.
is the full name of the MD5 Message Digest - Algorithm 5 ( rate - the Algorithm), in the early 90 s by the MIT Laboratory for Computer Science and RSA Data Security Inc Ronald l. Rivest developed, the MD2, MD3, MD4.Letter is to make the large capacity interest in using digital signature software before the signing private key is "compressed" into a format that confidentiality (that is, put an arbitrary length byte string into a long integer).
SHA1 hash algorithm is a used for digital signature algorithm, the length less than 2 ^ 64 messages, SHA1 will produce a 160 - bit message digest, the news paper can be used to validate data integrity.
look ye ye strong encryption, right?However, not with X.
do you want to know whether they have the effects?
in the lower part of the url, can also see a "large leakage in the top 10 ranking".
you can see two and is closely related to our accounts - netease and youku on the list.
according to lei feng is understood, CosmicDark was also in the same dark network market, selling 2.1 billion Gmail and Yahoo account letter , who was also the sellers sell 64 0000 encrypted PlayStation accounts, the accounts from 11 by black COINS BBS , in addition, 25 invaded vBulletin BBS millions of accounts are heartless sale.
on April 18, youku response to lei feng network, said: "we are the first time for internal validation and screening, confirm no recent batch account sensitive data leakage. Youku USES the multiple and can't be broken reverse encryption technology, even if the hacker trying to drag library also unable to decipher the user account sensitive . Youku has made a series of risk rules, security authentication and login restrictions."