Our company email system was hacked over the weekend. Someone added about 300k email users to our system; they created and sent a mass email under our name, asking people to download the folding@home executable. It is incredibly strange that someone would do that, so I am asking on this forum for any suggestions. I am not sure why our email provider allowed 300k emails to be sent, but I also do not understand why someone would go to all the trouble to hack our system, create the email so they could install this folding@home executable.
Does anyone have any suggestions or thoughts on this?
Dave
We were hacked
Re: We were hacked
I have changed your Subject line as it suggested you were hacked by the F@h project or its client.
As for why someone might do this, recently the project did announce that it was going to be working on projects related to the COVID-19 virus. Someone either with more enthusiasm than thought may have done this thinking they could recruit more people to the project, or someone could have done the same to discredit the project. In either case, they were violating terms of use and policies that the Folding@home project has.
If you and your provider can identify the source of the hack, that information can be passed on to the F@h Consortium. That can result in a participant being banned if that can be linked to a particular user or team.
Re: We were hacked
Yes, they did use COVID-19 as a basis for the email. We are working to identify the source and will let you know.
Re: We were hacked
Were the email links really pointing to folding@home executables? If not, it could be worse: a false flag email "Fight against Corona with FAH" could lead to downloading malware.
Re: We were hacked
Do you still have the content of the mail? I think it would be interesting to bring the whole case to the FAH Consortium's attention.
Re: We were hacked
The FAH EULA attempts to combat such hacking, but there's not much else that FAH can do about it. If you provide enough useful information for us to differentiate between the bogus accounts and valid new accounts, we can block those bogus accounts, but we also want to avoid blocking valid accounts.
Posting FAH's log:
How to provide enough info to get helpful support.
Re: We were hacked
@1daveman
This is an act of what would be considered hacktivism. Essentially, someone who was able to gain access to your organization (or who already had it) decided to use that access to promote folding@home in the hopes of increasing the crowdsourcing going towards folding COVID-19. These acts are not really uncommon and happen quite frequently in our world today, and you will most certainly see more cases (or worse) of this develop in the future if steps are not taken to secure your environment. The individual who did it most likely has an account with folding@home and probably uses it themselves, as contributing would be in line with their ideology. It would also not be surprising if they generally had a large portion of their hardware resources or many old devices contributing to folding. I don't know what your business is, but depending on the services rendered this could be related to why your org was targeted. Personally, I study cybersecurity, and if you are looking for what would drive this kind of behavior you would have to refer to the psychological drivers behind activism and/or, if ulterior motives are in play here, criminal driving forces.