Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.
News
News Categories
MegaCracker Exposes Mega Passwords
By Hurrairah bin Sohail - on 24 Jan 2013, 10:06am

MegaCracker Exposes Mega Passwords

Source: MegaCracker

With great hype comes great scrutiny. Kim Dotcom's latest venture Mega, which is another cloud storage service, quickly ballooned to over 1 million users after its launch. But the success has also drawn the attention of other parties as well.

Researcher Steve "Sc00bz" Thomas realized there was a weakness in the security of Mega and has released a tool called MegaCracker. This software is capable of extracting the password for a Mega account from the confirmation email. Seeing that the emails are not encrypted, phishing someone's confirmation email should not be too hard for the dedicated.

Apparently the program only isolates the password hash from the confirmation email. Hackers and phishers will still have to use a brute force password guesser to uncover the actual password. Obviously if the password you chose had low strength, the guesswork won't take much time. 

Source: TobTu via Arstechnica


Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.