
Looks like they used SQL injection to get passwords and then used those passwords to access the servers.

Yeah, and that's from the application layer down to the DB layer. I wonder how they were able to pass through the other layers of the stack. A heck of a job, no wonder they spent "months" on it.


The article says that they used the injection to get hashed login credentials. Did they then use a rainbow table to reverse the hashing?

There are a wide myriad of ways that plaintext can be derived from password hashes. Rainbow tables are an option if they're not salted; otherwise the attackers likely had access to fairly significant computing power (considering the amount of money they were raking in) to perform typical dictionary + brute-force attacks on them.
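The salting point from the comment above, as an added example that is not part of the thread: it stores the same password for two accounts under a bare fast hash and under a per-user salt with a slow KDF, then checks which stored values a single precomputed table covers. The account names, passwords, word list and the 600,000-iteration PBKDF2-HMAC-SHA256 setting are constructed assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor

# Constructed sample data: two accounts that share one password.
USERS = {"alice": "correct horse", "bob": "correct horse"}

def unsalted(password):
    """Weak scheme: bare fast hash, same output for the same password."""
    return hashlib.sha256(password.encode()).hexdigest()

def salted(password, salt=None, iterations=ITERATIONS):
    """Hardened scheme: random per-user salt plus a slow KDF."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, digest

def verify(password, salt, digest, iterations=ITERATIONS):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(salted(password, salt, iterations)[1], digest)

def covered_by_table(stored_hashes, table):
    """Return the accounts whose stored hash appears in a precomputed table."""
    return sorted(u for u, h in stored_hashes.items() if h in table)

def demo():
    # One table, computed once, applies to every unsalted database.
    table = {unsalted(w) for w in ("letmein", "correct horse", "hunter2")}
    weak_db = {u: unsalted(p) for u, p in USERS.items()}
    strong_db = {u: salted(p) for u, p in USERS.items()}
    return {
        "weak_identical": weak_db["alice"] == weak_db["bob"],
        "weak_covered": covered_by_table(weak_db, table),
        "strong_identical": strong_db["alice"][1] == strong_db["bob"][1],
        "strong_covered": covered_by_table(
            {u: d.hex() for u, (s, d) in strong_db.items()}, table),
    }

if __name__ == "__main__":
    print(demo())
```

With the salt in place, the precomputed table no longer applies and each account has to be guessed separately at the KDF's cost per attempt, which is the dictionary and brute-force case the comment describes.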
