• IP addresses are NOT logged in this forum so there's no point asking. Please note that this forum is full of homophobes, racists, lunatics, schizophrenics & absolute nut jobs with a smattering of geniuses, Chinese chauvinists, Moderate Muslims and last but not least a couple of "know-it-alls" constantly sprouting their dubious wisdom. If you believe that content generated by unsavory characters might cause you offense PLEASE LEAVE NOW! Sammyboy Admin and Staff are not responsible for your hurt feelings should you choose to read any of the content here.

    The OTHER forum is HERE so please stop asking.

Hackers attack 20 million accounts on Alibaba's Taobao shopping site

AnonOps

Alfrescian
Loyal


Thu Feb 4, 2016 5:21am EST

Hackers attack 20 million accounts on Alibaba's Taobao shopping site


BEIJING

r


A logo of Alibaba Group is pictured at its headquarters in Hangzhou, Zhejiang province, China, October 14, 2015. REUTERS/Stringer/Files

Hackers in China attempted to access over 20 million active accounts on Alibaba Group Holding Ltd's Taobao e-commerce website using Alibaba's own cloud computing service, according to a state media report posted on the Internet regulator's website.

Analysts said the report from The Paper led to the price of Alibaba's U.S.-listed shares falling as much as 3.7 percent in late Wednesday trade.

An Alibaba spokesman on Thursday said the company detected the attack in "the first instance", reminded users to change passwords, and worked closely with the police investigation.

Chinese companies are grappling a sharp rise in the number of cyber attacks, and cyber security experts say firms have a long way to go before defenses catch up to U.S. counterparts.

In the latest case, hackers obtained a database of 99 million usernames and passwords from a number of websites, according to a separate report on a website managed by the Ministry of Public Security.

The hackers then used Alibaba's cloud computing platform to input the details into Taobao. Of the 99 million usernames, they found 20.59 million were also being used for Taobao accounts, the ministry website said.

The hackers started inputting the details into Taobao in mid-October and were discovered in November, at which time Alibaba immediately reported the case to police, the ministry website said. The hackers have since been caught, it said.

Alibaba's systems discovered and blocked the vast majority of log-in attempts, according to the ministry website.

The hackers used compromised accounts to fake orders on Taobao, a practice known as "brushing" in China and used to raise sellers' rankings, the newspaper said. The hackers also sold accounts to be used for fraud, it said.

Alibaba's spokesman said the hackers rented the cloud computing service, but declined to comment on security measures designed to stop the system being used for the attack. He said they could have used any such service, and that the attack was not aided by any possible loopholes in Alibaba's platform.

"Alibaba's system was never breached," the spokesman said.

The number of accounts, 20.59 million, represents about 1 out of every 20 annual active buyers on Alibaba's China retail marketplaces.

(Reporting by Paul Carsten; Additional reporting by Beijing Newsroom; Editing by Christopher Cushing)




 

AnonOps

Alfrescian
Loyal


Hackers trying to attack Alibaba's Taobao

CRI, February 5, 2016

Hackers in China attempted to access over 20 million accounts on Alibaba's e-commerce site Taobao last year.

A Police investigation shows hackers obtained 99 million user names and passwords from a number of websites, over 20 million of which were also being used for Taobao accounts.

The hackers were discovered by Alibaba in November after they tried inputting details into Taobao.

Earlier, it was reported that hackers had used Alibaba's own cloud computing to access users' accounts in Taobao. But a spokesperson for Alibaba has denied that report, saying the hackers had used outside software to attack the site instead of Alibaba's cloud service.

Meanwhile, the spokesperson said the company detected the hacking in "the first instance," and reminded users to regularly change passwords.




 
Top