February 9, 2016 by

Brute-Force Attacks Affects Millions of Alibaba Accounts

A brute-force attack on TaoBao, an ecommerce site by Alibaba may have compromised up to 21 million user accounts.

TaoBao, an online marketplace that could be compared to a version of eBay in China has been the target of a prolonged cyberattack that lasted between mid-October to November in 2015.

The country’s Ministry of Public Security revealed that a database of 99 million usernames and passwords were breached, with the attackers managing to compromise some 20.6 million accounts – essentially one in every five user accounts.

With some irony, the hackers used Alibaba’s own cloud computing service while targeting and successfully gaining access to some 20 million active accounts.

The hackers used Alibaba’s cloud computing platform to input details into Taobao after amassing a database containing nearly 100 million usernames and passwords from a number of varying websites.

The process of entering details into Taobao began in mid-October and was only discovered in November. At this stage, Alibaba had notified the breach to the police and the hackers have since been caught.

The Ministry website further revealed that Alibaba’s security systems successfully detected and blocked a significant majority of login attempts. Furthermore, a practice called “brushing” a practice that sees compromised accounts used to raise seller’s rankings. It was also revealed that the hackers sold several accounts’ credentials for fraudulent purposes.

A spokesperson for Alibaba revealed that the company was able to detect the attack at an early stage or at “the first instance.” However, users were asked to change passwords while the company is working closely with law enforcement.

A spokesman for Alibaba also claimed that the hackers had indeed rented its cloud computing service to initiate the attack. However, the spokesman stopped short of detailing the security measures in place which allowed the attack to occur. He added that the malicious attackers could have used any similar cloud computing platform for the attack. Furthermore, he denied the possibility that an attack initiated from Alibaba’s own cloud service may have taken advantage of possible loopholes in the interconnected platform.

“Alibaba’s system was never breached,” the spokesman confirmed.

As things stand, experts note that Chinese companies are having to deal with a significant spike in the number of cyber-attacks. They also added that China has a long road ahead to shore up on its defenses before being able to stand on par with US-based firms.

Image credit: Flickr.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Simple Brute Force Cyberattack Compromises the UK Parliament's Email System

The British Parliament’s email system was struck by a brute-force attack over the weekend by an...

Read more arrow_forward