Ashley Madison hackers leave footprints that may help investigators
Ars Technica 2015-08-22
The people who leaked more than 200,000 e-mails from the Ashley Madison dating service for cheaters left behind footprints that will almost certainly be of interest to police and company officials.
The BitTorrent file containing e-mail for Noel Biderman, the CEO of Ashley Madison parent company Avid Life Media, was originally uploaded by someone using a server operated by Ecatel Ltd., a web host headquartered in the Netherlands. A Web interface for administering the BitTorrent server was left exposed to the Internet without a password, making it possible for outsiders to access. A few hours after the BitTorrent went live, the server went dark after an outsider accessed the wide-open interface and began making changes to the server configuration. The above screenshot, published by a Twitter user calling himself Mr. Green, is just one example of such an outside access.
"Somehow, the person(s) setting up the original uploading (=seeding) of the file forgot to password protect the Web interface, or turn the feature off," Per Thorsheim, an independent security researcher in Bergen, Norway, told Ars. "I suspect [the hackers] used the Web interface to administer the various uploads of the leaks using BitTorrent."