In 2012, LinkedIn was the target of a data breach. A hacker got in and stole millions of user details. Username and password hashes were then sold to people willing to buy. This episode goes over the story of what happened.
For a good password manager, check out LastPass.
Darknet Diaries recommends 1Password as a password manager. Try 1Password for FREE! (affiliate link)
Sponsors
Support for this episode comes from Quadrant Information Security. If you need a team of around the clock analysts to monitor for threat in your network using a custom SIEM, check out what Quadrant can do for you by visiting www.quadrantsec.com.
Support for this show comes from Thinkst Canary. Their canaries attract malicious actors in your network and then send you an alert if someone tries to access them. Great early warning system for knowing when someone is snooping around where they shouldn’t be. Check them out at https://canary.tools.
Support for this show comes from Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and get a special offer.
Sources
- https://www.cyberscoop.com/nikulin-trial-linkedin-oleksandr-ieremenko/
- https://pldeb.ru/en/haker-nikulin-poplatilsya-za-nezdorovoe-lyubopytstvo-k-hillari/
- https://blog.linkedin.com/2012/06/06/linkedin-member-passwords-compromised
- https://www.vice.com/en/article/78kk4z/another-day-another-hack-117-million-linkedin-emails-and-password
- https://krebsonsecurity.com/2016/05/as-scope-of-2012-breach-expands-linkedin-to-again-reset-passwords-for-some-users/
- https://www.rferl.org/a/in-u-s-hacker-trial-the-tangled-web-of-russia-s-cyberunderground-is-further-exposed/30472603.html
- Video: Arrest of Yevgeny Nikulin
- PACER court records
Attribution
Darknet Diaries is created by Jack Rhysider.
Episode artwork by odibagas.
Audio cleanup by Proximity Sound.
Sound design by Andrew Meriwether.
Theme music created by Breakmaster Cylinder. Theme song available for listen and download at bandcamp. Or listen to it on Spotify.
Equipment
Recording equipment used this episode was the Shure SM7B, Zoom Podtrak P4, Sony MDR7506 headphones, and Hindenburg audio editor.
Transcript
[START OF RECORDING]
JACK: You ever get fascinated with the cyber-crime supply chain? It’s never a solo hacker doing the whole thing; there’s a lot of layers to this onion. So, let’s say a hacker breaks into a place and steals a bunch of information from some company. Well, next he’ll typically want to sell that data to make some money and do it again, so now you’ve got to find a buyer. But before we even get to the buyer of stolen data, there’s sometimes brokers involved, people who have negotiated deals between hackers and buyers. So you might go to one of these brokers, offer a percentage for selling the database to someone. Now it’s on them to find someone.