Nearly 25,000 email addresses and passwords allegedly from NIH, WHO, Gates Foundation and others are dumped online

Unknown activists have posted nearly 25,000 email addresses and passwords allegedly belonging to the National Institutes of Health, th...


Unknown activists have posted nearly 25,000 email addresses and passwords allegedly belonging to the National Institutes of Health, the World Health Organization, the Gates Foundation and other groups working to combat the coronavirus pandemic, according to the SITE Intelligence Group, which monitors online extremism and terrorist groups.
While SITE was unable to verify whether the email addresses and passwords were authentic, the group said the information was released Sunday and Monday and almost immediately used to foment attempts at hacking and harassment by far-right extremists. An Australian cybersecurity expert, Robert Potter, said he was able to verify that the WHO email addresses and passwords were real.

The risk of new intrusions from the publication of email addresses and passwords is hard to measure because government and business organizations often use multi-factor authentication, which requires a temporary code or a physical token to access a computer system — even when an attacker has a valid password. U.S. government agencies use multi-factor authentication widely, though not universally, with the most sensitive computer systems most likely to have this extra layer of protection against intruders, say people familiar with federal information technology guidelines.
The lists of user credentials, whose origins are unclear, appear to have first been posted to Pastebin, a text storage site. A link to that material was then posted to 4chan, a message board notorious for its hateful and extreme political commentary, and later to Twitter and far-right extremist channels on Telegram, a messaging app.
“Neo-Nazis and white supremacists capitalized on the lists and published them aggressively across their venues,” said Rita Katz, SITE’s executive director. “Using the data, far-right extremists were calling for a harassment campaign while sharing conspiracy theories about the coronavirus pandemic. The distribution of these alleged email credentials were just another part of a months-long initiative across the far right to weaponize the covid-19 pandemic.”
The report by SITE, based in Bethesda, Md., said the largest group of alleged emails and passwords was from the NIH, with 9,938 found on lists posted online. The Centers for Disease Control and Prevention had the second-highest number, with 6,857. The World Bank had 5,120. The list of WHO addresses and passwords totaled 2,732, according to SITE’s report.
Smaller numbers of entries were listed for the Gates Foundation, a private philanthropic group whose co-founder, Microsoft co-founder Bill Gates, last week announced $150 million in new funding to combat the pandemic. Also targeted was the Wuhan Institute of Virology, a Chinese research center in the city where the pandemic began that has been accused of a role in triggering the outbreak.
The NIH issued a statement Wednesday saying, “We are always working to ensure optimal cyber safety and security for NIH and take appropriate action to address threats or concerns. We do not comment on specific cybersecurity matters, as such information could be used to undertake malicious activities.”
NIH and other affected institutions declined to say whether they use multi-factor authentication, but current and former employees said that such protections had become routine within federal agencies.

The World Bank declined to comment and the CDC did not reply to requests for comment. The Gates Foundation said in a statement, “We are monitoring the situation in line with our data security practices. We don’t currently have an indication of a data breach at the foundation.”
WHO confirmed the incident in a statement Wednesday that cited a higher number of exposed credentials, 6,835, than had been reported by SITE. But WHO said only 457 of those were active and valid, and none of those were compromised. “As a precaution, passwords have now been reset for the 457 users whose email addresses were exposed,” the WHO statement said.
The FBI declined to comment.
Twitter spokeswoman Katie Rosborough said, “We’re aware of this account activity and are taking widespread enforcement action under our rules, specifically our policy on private information. We’re also taking bulk removal action on the URL that links to the site in question.”
Potter, chief executive of Australian company Internet 2.0, said he was able to gain access into the WHO computer systems using email addresses and passwords posted on the Internet. The WHO has come under heavy criticism, including from President Trump, who suspended funding to it, for its response to the novel coronavirus and has been accused of being too deferential to China.
“Their password security is appalling,” Potter said of the WHO. “Forty-eight people have ‘password’ as their password.” Others, he said, had used their own first names or “changeme.”
Potter said the alleged email addresses and passwords may have been purchased from vendors on the dark Web, a portion of the Internet that is not indexed by most search engines and where hacked information often is posted for sale. He said the WHO credentials appear to have come from a hack in 2016.
Katz, of SITE, said that while material from old hacks does appear on the dark Web occasionally, “we have not yet found any rock-solid proof of that for this specific case.”
References to the hacked information already are being deployed online to fuel disinformation, including linking HIV, the virus that causes AIDS, to the coronavirus.
Among the most prominent Telegram venues to share the information was the neo-Nazi channel “Terrorwave Refined,” a prominent recruiting and support channel for neo-Nazi groups such as Azov Battalion, the Base and Nordic Resistance Movement. In the past four months, the number of users subscribed to Terrorwave Refined has increased by 30 percent, with the channel now hosting over 5,300 followers.
Terrorwave Refined shared tweets and a thread on 9chan, another message board popular with extremists, containing the addresses and passwords. Terrorwave Refined posted a meme that implied that information seized through the email addresses and passwords “confirmed that SARS-Co-V-2 was in fact artificially spliced with HIV,” referring to the scientific name for the coronavirus.
A Twitter post with links to the data said, “Anons know what to do...make this go viral” — a likely reference to anonymous followers.

COMMENTS

Sponsor

Name

Business,1,car,1,Cultural,1,Donald Trump,1,Entertain,1,Germany,1,GPU,1,James Webb,1,Law,1,NASA,1,news,4,Photography-nature,2,‎Presidency,1,Russian,1,Sport,1,technology,3,Tourism,2,Ukraine,1,world,3,
ltr
item
news 24h: Nearly 25,000 email addresses and passwords allegedly from NIH, WHO, Gates Foundation and others are dumped online
Nearly 25,000 email addresses and passwords allegedly from NIH, WHO, Gates Foundation and others are dumped online
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEioR9MOUVWYsAGw_U-e2b-zynnpv0kZLWgrQJcQKlDx7KYSOSS216Wm2QNLwG8vwuAaSqqV3XCrYNwEIqGAz3XrZgyMov3tUZgc7TUBTQtT_-rJsExUEAcZllEGYTQXos1pkElGfZcTYSg/s320/imrs.jpg
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEioR9MOUVWYsAGw_U-e2b-zynnpv0kZLWgrQJcQKlDx7KYSOSS216Wm2QNLwG8vwuAaSqqV3XCrYNwEIqGAz3XrZgyMov3tUZgc7TUBTQtT_-rJsExUEAcZllEGYTQXos1pkElGfZcTYSg/s72-c/imrs.jpg
news 24h
https://en.openvnn.com/2020/04/nearly-25000-email-addresses-and.html
https://en.openvnn.com/
https://en.openvnn.com/
https://en.openvnn.com/2020/04/nearly-25000-email-addresses-and.html
true
3292707429657344756
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share to a social network STEP 2: Click the link on your social network Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy Table of Content

Type something and Enter×