[71 / 20 / 39]

>hurr durr le wuhan hacks le WHO passwords

4chan clearly isn't the technical juggernaut it was a decade ago. Did any of you fuckwits even look at the passwords? Many of them are extremely simple. All numbers, or all lower case letters. These weren't "hacked" from the organizations that the email addresses are associated with, these were parsed from cred stuffing lists.The way it works is that retarded user Chang Smoldong, or cdong@bateaters. biohazard.cn signs up for, say, " tinyyellowdicksupportforum.com ", and being a tard, he does it with his work email. That forum gets hacked because the admins are too busy commiserating over how tiny their cocks are to properly salt and hash their password database. The hacker then brute forces the shit out of the database and extracts all the passwords he can in a reasonable timeframe. The email addresses and passwords are dumped into a giant database with similar results from many other hacks, and are often sold. You can tell these were parsed out of such databases because there are seemingly unrelated email addresses with keywords in the password instead of the address itself.You then use a botnet or the like to start brute forcing these logins, using the fact that there are ALWAYS some retards who reuse their passwords. Only a tiny handful will work, if any. Look at the simplicity of the passwords - even a lazy half-assed sys, net, or mail admin is going to have better password requirements than that, if nothing else because the defaults for Active Directory, Azure, and Office 365 are all more strict than that.If you want more information about how this particular hack worked, how you all got duped, and how to do some actual fucking recon on things like this before you blow a bunch of effort for jack shit, ask me whatever. I'm no uber 1337 h@x0r, but I know a thing or three about enterprise setups.