Adobe has confirmed the allegations of an Egyptian hacker, who claims to be in possession of a database of names, email addresses and encrypted passwords of users of Adobe Connect user site. As Reuters tells of the collapse of 150,000 members ConnectUsers.com affected. The site is currently offline.
An earlier report from Computer World According to published the hacker, who calls himself “VirusS_HimA”, data from 230 users on Pastebin. Their e-mail addresses ending exclusively to “adobe.com”. “Mil” and “. Gov”. They included, among others, to various U.S. agencies such as the Departments of Transportation and Homeland Security, the Interior Ministry and the Federal Aviation Administration.
Of these passwords according to Computer World are only the MD5 hashes. However, it is possible with sufficient computing power and the right tools to restore passwords from MD5 hashes. Many MD5 hashes were also already decrypted and also accessible on the Internet. The passwords were stolen by hackers, for example, used to be in the name of a user on sites like Facebook or Twitter to sign up.
According to Reuters, the hacker has provided the data to the Internet to point out that Adobe fixes security problems hesitant. He also announced plans to publish more user data to come from an attack on Yahoo.
Adobe was not the first time the target of a hacker attack. End of September cleared the software company to introduce theft of a security certificate, which is used for code signing. It was possible, malware impersonate legitimate software from Adobe. Early October, Adobe said the certificate invalid, to prevent abuse.