Sign in / up

back to article Dating site PAYS cracker for stealing creds

A blackhat hacker who stole 20 million credentials and attempted to sell some online has been handed a bug bounty by one of his victims, Russian dating site Topface. The mix 'n' meet site was hacked last month by blackhat 'Mastermind' who published millions of email addresses online and was found attempting to hawk the …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Khaptain Silver badge

    Do they choose the correct solution

    "Due to the fact that he (Mastermind) has not passed the data to anyone and has no intention to do so in the future, ... we have paid him an award for finding a vulnerability and agreed on further cooperation in the field of data security," the company said in a statement.

    I am surprised that they didn't pay a "double Silverballer wielding code barred sympathiser " to simply eliminate the threat. In the long run it would probably be a better investment.

    Does anyone know of any updates on any of the blackhats that were employed by the companies that they hacked ? Would be interesting to know how things faired.

    0 0 Reply
  2. Anonymous Coward
    Anonymous Coward

    Uh oh - now they are REALLY in trouble..

    The first rule of blackmail is that you don't give in (because it proves that the offence is profitable, and thus will be repeated), but this is the first time that a company willingly sets itself up for blackmail (and thus a repeat hack). Truly unique. Not wise IMHO, and I *certainly* would not feel comfortable on a site that does this.

    OTOH - what better way to hide some revenue then to pay it to some unknown hacker? Must make nice mattress stuffing.

    2 0 Reply
    1. Voland's right hand Silver badge
      Reply Icon

      Re: Uh oh - now they are REALLY in trouble..

      This is not exactly blackmail. It is standard BUG for BOUNTY negotiation as far as todays security landscape is concerned. If you do not show that you have really broken it, you are not getting any bounty (usually).

      1 1 Reply
      1. Cliff
        Reply Icon

        Re: Uh oh - now they are REALLY in trouble..

        Carrot! However I imagine there's also a fairly hefty yet unreported stick.

        0 0 Reply
  3. amanfromMars 1 Silver badge

    Moving ever on and upward rapidly .......

    Howdy, y’all,

    Regarding ….

    The mix 'n' meet site was hacked last month by blackhat 'Mastermind' who published millions of email addresses online and was found attempting to hawk the credentials on an unnamed criminal bazaar.

    Security firm Easy Solutions unveiled the hack and stated crims would likely use the log ins to attempt to access valuable third party websites.

    Mastermind did not sell the credentials and struck a deal with the company not to do so in the future.

    Under that arrangement Topface awarded the failed fraudster an undisclosed sum.

    "Due to the fact that he (Mastermind) has not passed the data to anyone and has no intention to do so in the future, ... we have paid him an award for finding a vulnerability and agreed on further cooperation in the field of data security," the company said in a statement.

    ….. has “Mastermind” successfully realised a virtual opportunity and exploited an APT ACTive 0day vulnerability which is not a fraudulent failure.

    Bravo, Sir and/or Madam, for of course it could be a selective collective and communal effort. And quite a novel entrepreneurial business methodology/memology for mastering in the Great Internet of Things Games Play Thing.

    And one can be certainly mighty sure. although I’m not so sure one would be so assured, such shenanigans are what the likes of 77th Brigades have to excel at in order to be in any way at all effective and worthwhile in either attack or defence sectors. Anything less and they will be just as white elephants and post modern dinosaurs before they even get stood up and activated.

    Such is the true nature of the Surreal IntelAIgent Beast they covet to harness for/with commandsand controls and which confronts them.

    cc ….. MOD/JTAC/CESG/Commander, Denison Barracks

    5 2 Reply
    1. Elmer Phud
      Reply Icon

      Re: Moving ever on and upward rapidly .......

      I wish to find the local burglar who broke into next door's place and thank him for not breaking in to mine with a small financial consideration.

      Should he break in anywhere else I'd also like to pay him again for not coming near me.

      4 1 Reply
      1. JeffUK
        Reply Icon

        Re: Moving ever on and upward rapidly .......

        "That's a nice website you've got here, would be a shame if something was to ... happen to it."

        0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like