Coral Gables

Cybergroup claims to hack some UM email accounts

MIAMI HERALD STAFF

A group that calls itself “CyberVor’’ has claimed that it hacked the email accounts of about 200 people connected to the University of Miami.

A tweet from the Twitter account of @cybervor posted on July 12 said: “Miami University #Hacked #Leaked.’’ A link led to a website featuring a dragon. The website included a statement in Russian: “We are the Russian dragon of the Internet. You are next. Greetings, University of Miami. We are CyberVor. We have been watching you for many years. … We are evil and hostile, and we don't make compromises. We are tireless.’’

The website included a list of about 200 email addresses and usernames. Most of the email addresses ended in miami.edu. Encrypted passwords were listed as well.

The New York-based IT security company SecurityScorecard said it has investigated the case and that the email addresses belong to the library staff at the university. The company didn’t know whether the hackers decrypted the passwords.

“Even if the hackers did nothing beyond releasing the dumped information — usernames, email addresses, hashed passwords — it is quite possible that unaffiliated third-party hackers cracked the passwords,’’ said Alex Heid, the firm’s chief research officer.

The University of Miami didn't answer questions on the matter. UM spokeswoman Elizabeth Amore said in a short statement: “The incident was minimal and not at all severe. It was resolved asap. Frankly it's a non-story.’’

According to the CyberVor website, staff members of UM used the username “admin’’ and the password “admin.’’

The background of the hackers is vague. In 2014, Alex Holden, a cyber crime expert, said a Russian cybergang had built a database consisting of 1.2 billion stolen user name and password combinations. Holden, chief information security officer for Milwaukee-based Hold Security, was born in Kiev, Ukraine, and speaks Russian.

Holden said the hackers were about a dozen Russian men in the 20s.

Holden noted there were differences between the 1.2 billion breach and the UM case. For one, he said, the hackers in the UM case proclaimed to be “CyberVor.’’ (“Vor” is the Russian word for thief.) But, he said, a cyber gang typically doesn’t give itself a nickname.

“And the Russian language that the UM hackers used in their message seemed to be translated with the help of Google Translate,’’ he said.

To Holden, it seemed as if someone wanted to imitate the “real’’ CyberVor gang.

  Comments