Two providers of Usenet services, UseNeXT and Usenet.nl, were hacked at once. The companies reported about the compromise and blamed the unnamed “partner.”
I note that UseNeXT and Usenet.nl provide a paid service for accessing Usenet at high speeds, since the current free access to Usenet is very slow, insecure and rare. Although today most users are looking for movies, TV shows, music and other content on torrent trackers or streaming services, it might be surprising for someone that a huge number of people still use Usenet and news groups for these purposes.Both companies refused to disclose the name of the fined software provider, and it is not yet clear what exactly the problem was related to: with the Usenet desktop client or with the server service. Whatever it was, both Usenet providers have now shut down their sites to investigate the incident and have already notified law enforcements about the incident.
Unauthorized persons gained access to our infrastructure through a security gap made by the partner company. We are currently analyzing possible damage. Now all systems are disabled for security reasons”, – says the reports of the affected companies.
Both companies also write that as a result of the incident, an unknown attacker gained access to information such as names, billing addresses, payment details (IBAN and account number), as well as other data that users provided during the creation of the account on both sites.
A little more details of what happened revealed TorrentFreak journalists. They found an interesting message in the German Obload forum: the administrator warned users about a serious problem that the Momentum Usenet client had.
So, according to a study by Reddit Tensai, the Momentum client (a relative newcomer to the Usenet scene) not only facilitates access to Usenet, but also collects Usenet user credentials and NZB data, and then uploads it to Newzbee (newzbee[.]Org).
This is the same as using a third-party application to access Netflix, and then discover that it is stealing the username and password of the streaming service”, – say the reporters.
Due to suspicious behavior at Momentum, people were advised to urgently stop using this client and immediately change passwords with their Usenet provider.
TorrentFreak representative tried to contact Momentum and Newzbee at the beginning of this week, however, no one answered their requests, and soon was published message about strange problems encountered by UseNeXT and Usenet.nl providers.
According to the Usenet1 website, Gigaflat, HolmeZ.com, and Momentum Plus also had similar problems, with the last two sites directly linked to the Momentum client.
There is currently no convincing evidence to support a link between Momentum’s suspicious behavior and hacking of large Usenet providers.
However, these two events occurred almost simultaneously, and UseNext mentioned Momentum as a recommended Usenet client on its website (before it was disconnected)”, – notes TorrentFreak.
UseNeXT and Usenet.nl are currently notifying their customers of the urgent need to reset passwords from their accounts. It is also reported that as soon as the sites return to operation, users need to check all Usenet account settings for unauthorized changes, including new rules for automatic message forwarding.
Since users’ payment data also fell into the hands of third parties, in the future it is recommended to monitor suspicious expenses and the state of bank accounts.
Attacks on providers are not uncommon – for example, we reported about hacking of company that controls Greek top-level domains .gr and .el.
Reference:
Usenet is still a popular computer network, users of which can communicate with each other and publish files. The Usenet system was developed by specialists at Duke University (North Carolina, USA) and appeared back in 1980.
Messages that users post to Usenet are organized into thematic categories called newsgroups. In turn, the groups themselves form a hierarchy similar to the structure of domain names. The largest volume of traffic falls on the category of “binary” groups (alt.binaries. *), In which there are sections devoted to movies and TV shows, music, books, computer games and so on. In fact, this is one of the oldest ways to share files on a large scale.
Usenet is part of the Internet, not a separate network from it. Access to Usenet is via the NNTP protocol, through special applications and login nodes (providers such as the affected UseNeXT and Usenet.nl).