Dropbox Hack A Hoax

Dropbox Hack A Hoax

For a moment there, it appeared as though popular cloud storage service Dropbox had been hacked, with the user database accessed and user emails being exposed. Two loosely affiliated wings of hacker collective Anonymous, AnonOpsKorea and The 1775 Sec, claimed credit, but the whole thing was just a hoax timed to coincide with scheduled Dropbox site maintenance.

Dropbox issues
Credit: TechCrunch

The two groups both claimed that they compromised the Dropbox website Friday evening and accessed the site’s database, but shortly thereafter Wesley McGrew of McGrew Security noted in a tweet that the emails in the supposed database leak matched something that’s been posted on Pastebin for over a month.

1775 Sec Dropbox

In short order, The 1775 Sec was tweeting that they didn’t hack the user database but instead hit Dropbox with an effective DDoS attack, and then took the tack that they did it in honor of activist Aaron Swartz. (And also for the lulz.)

1775 Sec Dropbox

Dropbox has strongly denied that it was the victim of a hack and posted a blog stating that the outage happening during routine maintenance. “This was caused during routine internal maintenance, and was not caused by external factors. We are working to fix this as soon as possible. We apologize for the inconvenience,” reads the post in part.

However, Dropbox may not be entirely forthcoming about the truth; it’s clear that the database was not hacked, but saying that “external factors” were not at play discounts the claim that there was a DDoS attack. A DDoS attack is a far cry from a hack, but it still counts as an attack of sorts. However, the effectiveness of the DDoS effort were Dropbox not in the middle of maintenance is up for debate.

Anonymous 1775 Sec Dropbox

The 1775 Sec doesn’t come out looking so hot, itself. It seems as though the group was perhaps looking for some notoriety and made a bold claim that was quickly debunked, and then it pivoted and said the whole thing was intended to troll the media. But it also--inadvertently or not--also trolled Anonymous, and did so in the name of anti-hero Aaron Swartz, which probably wasn’t a great idea. There may be some backlash coming there.
0
+ -

it would be real great if the ddos attacks only render the attackers machines and devices useless, all u must do is change ur IP and/or the other things associated with it such as cloud service, those ddos fools are an inconvenience, nothing special in life really is them and all of them bore me completely, i feel like throwing up each time i read another nonsense and useless actions more by those whoever they are, anonymous nothing, if you are unable to speak without hiding then nothing you have to say means anything so really shut up and let the rest of us people enjoy our lives without you hindering us more, people as that are the reasons why all of us are still in the dark ages even though we do have electricity and internet.

0
+ -

> if you are unable to speak without hiding then nothing you have to say means anything so really shut up

And that's how you prevent people from revealing things like Watergate.

Sometimes, anonymity is necessary... unless you want to end up dead from a hit and run... or spend the rest of your life on the run in Russia... or be imprisoned forever in an Ecuadorian embassy.

However, yeah... reports indicate these guys were just being asshats in this instance.

Of course, Dropbox has had plenty of other security breaches, and you really shouldn't put anything up there that you want to keep private (http://blogs.csoonline.com/data-privacy/2777/dropbox-peeking-your-files).  I can see why some people would not be too keen on them.

Login or Register to Comment
Post a Comment
Username:   Password: