Monday, January 31, 2011

Dating Site PlentyofFish Hacked in Bizarre Scheme

Dating site PlentyofFish was hit by hackers this weekend, but rather than a quick data grab, the alleged hacker carried out a scheme that involved tales of Russian mobsters, extortion plots, late-night phone calls, and a noted tech reporter, according to the site's CEO.
The hackers successfully exported 345 accounts from the PlentyofFish (POF) database, and then tried to convince the site to hire them as a security team. If POF refused, the hackers said they would release the data to the press, the company said.
"The breach was sealed in minutes and the Plentyoffish team had spent several days testing its systems to ensure no other vulnerabilities were found. Several security measures, including forced password reset, had been imposed," POF said in a statement. "Plentyoffish is bringing on several security companies to perform an external security audit, and will take all measures necessary to make sure our users are safe."
The back story, however, is a bit more juicy - and weird. POF chief executive Marcus Frind on Monday published a lengthy blog post that he said was not an official statement from his company but instead "a personal post about what it feels like to be hacked/extorted and the intense pressure and stress you are put under."
According to Frind, an Argentinian hacker named Chris Russo contacted him to say that Russian hackers had taken over his computer, were downloading the site's database, and had threatened to kill him. Russo was allegedly in a panic and told Frind that he had to fly to Argentina or Washington, DC to help stop the attacks.
Russo "says the Russians have complete access to everything including our bank accounts, and they want to steal about $30 million from a string of dating sites including ours," Frind wrote. "Not only that, he tells us 5 or 6 other dating sites in the industry have been breached, and he gives me what he claims is the administrative password for a dating company I won't name but it's very famous."
Later, Russo and a business partner identified as Luca told Frind that "in exchange for complete access to all of our source code and SQL servers they can make sure we aren't attacked again," Frind wrote.
Frind said he responded by saying that he would "sue them out of existence if the data comes out." He then apparently e-mailed Russo's mother, but did not say if that helped the situation.
Frind also said he received a phone call from former Washington Post reporter Brian Krebs asking about the security breach. Given that Krebs and Russo were friends on Facebook, Frind said he initially suspected that Krebs might be in on the hack, but later reconsidered.
"Just to be clear, Krebs didn't have anything to do with this. I was trying to convey how the hacker tried to create a mass sense of confusion at all times so you never know what's real and what is not," Frind wrote in an update to his blog post.
On his own blog, Krebs acknowledged that Frind had "mildly" backtracked on accusing him of participating in the hack. Krebs wrote that Russo contacted him earlier this month to say that he had found flaws in the site that allowed him to view account and password information about POF users.
"He said the information was being circulated in the hacker community, and that he could prove the flaws existed if I simply created a free user account on the site. I did so, and Russo proceeded to read me my registration information," Krebs said.

