Linode VPS信用卡信息被盗

4月12日Linode发布了一个通告 引用如下:

Dear Linode customer,
Linode administrators have discovered and blocked suspicious activity on the Linode network.  This activity appears to have been a coordinated attempt to access the account of one of our customers.  This customer is aware of this activity and we have determined its extent and impact.  We have found no evidence that any Linode data of any other customer was accessed.  In addition, we have found no evidence that payment information of any customer was accessed.
We have been advised that law enforcement officials are aware of the intrusion into this customer’s systems. We have implemented all appropriate measures to provide the maximum amount of protection to our customers. Out of an abundance of caution, however, we have decided to implement a Linode Manager password reset. In so doing, we have immediately expired all current passwords. You will be prompted to create a new password the next time that you log into the Linode Manager. We also recommend changing your LISH passwords and, if applicable, regenerating your API key.
The following represent best practices in creating new passwords:
Avoid using simple passwords based on dictionary words
Never use the same password on multiple sites or services
Never click on ‘reset password’ requests in unsolicited emails – instead go directly to the service
We apologize for the inconvenience. If you have any questions, please do not hesitate to contact our support team at support@linode.com.

大致是说,发现了系统内部有异样,有人试图去获取一些账户信息,但Linode同时说 没发现支付信息和账户信息被盗。然后Linode重置了每个客户账号的密码和API KEY,然后是一些防盗建议

但很讽刺的是,今天黑客组织HTP表示对Linode被入侵事件负责,并生成获取了:加密后的信用卡卡号, 明文卡号后四位,部分用户明文Lish密码,部分用户加密的密码,和API KEY。卡号信息是加密的【比CSDN好一点】,但是该组织同时发布了加密的公钥和私钥【据说还是放在一起的】。

现在就差私钥的passphrase未能获取,一旦passphrase被穷举成功,所有信用卡信息都将暴露【已有多人表示信用卡被盗刷】

因此建议所有的Linode客户,立刻对自己的信用卡采取一些保护措施【例如取消境外支付、把支付限额限定到0或1】乃至换信用卡。信用卡信息一旦完整泄露,国内的银行可说不准是否会拒付,能否追回来,到时候损失的可就不止一点点了

沙发已有 无人占板凳 to “Linode VPS信用卡信息被盗”

  1. illusionwing Says:

    感觉还是挺可怕的。。要跟老爸说让他换卡了。。

    [回复]

为何不留个言呢?

我要把我的最新文章显示在这!