Jun 6, 2012

LinkedIn hacked?

The professional social networking website LinkedIn has been hacked, according to various sites.

I managed to get a copy of the dump:


And as it can be seen, the dump consist of lots of SHA1 hashes. However, something is very wrong with many of these hashes! Apparently the hackers has been adding some kind of padding to some of the hashes.

So far, I can't figure out what's up with this file. Who would dump this? And if you're going to dump this, then why not add mail / names to the list?



Regarding the "padding", then I agree on most of jgrahamc's observations:



But 25 users per hash can't simply be true.
Also, I can't find my password in the file, and my account is from April 2011 ;)

Hopefully more and more sites will begin using a more password-suited algorithm and start using salts!!!

4 comments:

  1. SwopWopDopWapwapJune 12, 2012 at 2:12 PM

    Hej Nicolai,

    Har du en e-mail, hvorpå man kan stille dig spørgsmål vedrørende dine indløg på siden?

    ReplyDelete
  2. Er du stoppet med at skrive nyheder?

    ReplyDelete
  3. Gætter på at han fuckede med de forkerte. Selvom han blev advaret i mod det!

    ReplyDelete
  4. nicolai din lille skid hvor bliver dine nyheder af? pas på dit dox dropper snart lille dreng og så ryger arbejde og frihed

    ReplyDelete

Feel free to write anything :-) Post posted as anonymous, is actually anonymous (i.e. I can't see your IP or anything)