Slack Archives – Gridinsoft Blog https://gridinsoft.com/blogs/tag/slack/ Welcome to the Gridinsoft Blog, where we share posts about security solutions to keep you, your family and business safe. Thu, 23 Feb 2023 16:08:21 +0000 en-US hourly 1 https://wordpress.org/?v=90883 200474804 Hackers Broke into Activision’s Slack and Stole Data https://gridinsoft.com/blogs/activisions-slack/ https://gridinsoft.com/blogs/activisions-slack/#respond Thu, 23 Feb 2023 16:08:21 +0000 https://gridinsoft.com/blogs/?p=13486 Activision, the publisher of computer games (including the Call of Duty franchise), reported a security breach that occurred back in early December 2022 through the corporate messenger Slack. Let me remind you that we also wrote that Hackers compromised Slack private GitHub repositories, and also that Mirai Botnet RapperBot Conducts DDoS Attacks on Game Servers.… Continue reading Hackers Broke into Activision’s Slack and Stole Data

The post Hackers Broke into Activision’s Slack and Stole Data appeared first on Gridinsoft Blog.

]]>

Activision, the publisher of computer games (including the Call of Duty franchise), reported a security breach that occurred back in early December 2022 through the corporate messenger Slack.

Let me remind you that we also wrote that Hackers compromised Slack private GitHub repositories, and also that Mirai Botnet RapperBot Conducts DDoS Attacks on Game Servers.

It turned out that hackers gained access to one of the company’s internal Slack channels and stole data, and the incident became publicly known only thanks to a report by Vx-underground security experts and media publications.

Vx-underground specialists posted on Twitter a number of edited screenshots received directly from the attackers. The screenshots, dated December 4, 2022, showcase Activision’s confidential working papers related to the Call of Duty franchise, as well as the content release schedule for the coming year, through November 17.

Activision's Slack

The researchers reported that the hack was carried out due to a successful phishing attack on one of the company’s employees. After that, the hackers penetrated the Activision Slack channel, and also tried to compromise other employees, but no one else fell for phishing.

Let me remind you that the media wrote that Russian Hackers Launched a Massive Spear-Phishing Campaign.

At the same time, Vx-underground emphasized that Activision generally kept silent about this attack.

Now, after numerous questions from the media, company representatives were forced to confirm the hack. At the same time, the company assures that the incident did not affect the source codes of the games and the personal data of the players.

On December 4, 2022, our information security team promptly responded to an SMS phishing attempt and stopped it. After a thorough investigation, we have determined that access to confidential employee data, game code, or player data has not been obtained.Activision said in an official statement.

At the same time, the company did not specify what kind of data the hackers still got access to (in addition to the content release schedule for Call of Duty).

The publication Insider Gaming, which claims to have received and analyzed this leak in its entirety, reports that among the stolen information there are full names, email addresses, phone numbers, salaries and other data of employees. Moreover, according to journalists, the compromised Activision employee works in the personnel department and has access to a large amount of confidential data.

The post Hackers Broke into Activision’s Slack and Stole Data appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/activisions-slack/feed/ 0 13486
Hackers compromised Slack private GitHub repositories https://gridinsoft.com/blogs/slack-repositories-on-github/ https://gridinsoft.com/blogs/slack-repositories-on-github/#respond Wed, 11 Jan 2023 10:48:11 +0000 https://gridinsoft.com/blogs/?p=13163 On December 31, while everyone was celebrating the New Year, Salesforce, the company behind the development of the corporate Slack messenger, published a message about the incident of compromising Slack repositories on GitHub. Let me remind you that recently MI also wrote that Slack Is Resetting User Passwords Due to a Bug, and also that… Continue reading Hackers compromised Slack private GitHub repositories

The post Hackers compromised Slack private GitHub repositories appeared first on Gridinsoft Blog.

]]>

On December 31, while everyone was celebrating the New Year, Salesforce, the company behind the development of the corporate Slack messenger, published a message about the incident of compromising Slack repositories on GitHub.

Let me remind you that recently MI also wrote that Slack Is Resetting User Passwords Due to a Bug, and also that Slack Connect DM new feature drew a barrage of criticism.

The attack by unknown attackers affected some of the company’s private GitHub repositories, but it is reported that Slack’s core codebase and customer data were not affected.

On December 29, 2022, we received a notice of suspicious activity on our GitHub account. During our investigation, we discovered that a limited number of Slack employee tokens were stolen and used to gain access to our external GitHub repository. The investigation also showed that on December 27, an attacker downloaded our private repositories. None of these repositories contained customer data, customer data access tools, or the core Slack codebase.reads the official release of the incident.

Slack representatives write that the stolen tokens have already been invalidated, and the investigation of the “potential impact” of this attack on customers is still ongoing. So far, there has been no indication that hackers have gained access to any sensitive areas or Slack workspaces. However, as a precaution, the company has changed the relevant secrets.

Based on the information currently available, the unauthorized access was not the result of a vulnerability in Slack.the company's security team said.

At the same time, journalists drew attention to a number of oddities associated with the disclosure of data about this incident. Thus, Bleeping Computer notes that the message about the attack was published on December 31, when most people are busy celebrating the New Year.

In addition, the report was initially not displayed at all on the international version of the company’s blog, and in some regions (for example, in the UK), the publication was marked noindex, which is used to exclude web pages from search results and make them much more difficult to detect. However, Google successfully indexed a post for the US published without the noindex tag.

Slack repositories on GitHub

As a result, according to ArsTechnica, although the message about the incident appeared on the network as early as December 31, search engines and the Internet Archive practically “did not see” it until January 5-6. It seems that the Slack developers were trying to prevent this newsletter from being indexed by search engines and to limit the publicity of what happened.

Let me remind you that the media also wrote that Facebook incorporates hidden codes in photos for download.

The post Hackers compromised Slack private GitHub repositories appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/slack-repositories-on-github/feed/ 0 13163
Slack Is Resetting User Passwords Due to a Bug https://gridinsoft.com/blogs/slack-resets-user-passwords/ https://gridinsoft.com/blogs/slack-resets-user-passwords/#respond Tue, 09 Aug 2022 09:03:02 +0000 https://gridinsoft.com/blogs/?p=9860 Slack developers have notified about 0.5% of users that they are forcibly resetting their passwords due to a bug. They will need to change their passwords due to a recently fixed bug that exposed salted password hashes when creating or revoking invite links. Let me remind you that we also wrote that ToTok messenger turned… Continue reading Slack Is Resetting User Passwords Due to a Bug

The post Slack Is Resetting User Passwords Due to a Bug appeared first on Gridinsoft Blog.

]]>
Slack developers have notified about 0.5% of users that they are forcibly resetting their passwords due to a bug. They will need to change their passwords due to a recently fixed bug that exposed salted password hashes when creating or revoking invite links.

Let me remind you that we also wrote that ToTok messenger turned out to be a tool for total tracking, and also that UseCrypt Messenger developers filed a lawsuit against IS researcher for finding bugs.

The official announcement states that the mentioned bug was discovered and fixed in the Slack Shared Invite Link feature, which allows Slack Workspace owners to create special links. With such a link, anyone can join the conversation, and this feature was created as an alternative to inviting people one at a time.

On August 4, 2022, we notified approximately 0.5% of Slack users that we reset their passwords in response to a bug that occurred when users created or revoked a Shared Invite Link for their workspace. When a user performed either of these actions, Slack transmitted a hashed version of their password to other workspace members.Slack developers said.

Links created or revoked by users between April 17, 2017 and July 17, 2022 were found to expose their hashed passwords via web socket to all Slack-connected workspace members.

Such a hashed password was not visible in any Slack client; detection required active monitoring of encrypted network traffic originating from Slack servers. The error was discovered by an independent researcher and disclosed on July 17, 2022. Upon receiving the researcher’s report, we immediately fixed the underlying issue and then began to investigate its potential impact on our customers. We have no reason to believe that this bug has allowed anyone to obtain unencrypted passwords, however, for security reasons, we have reset passwords for all affected users.the Slack engineers explain.

Slack also reminded that all users are encouraged to use multi-factor authentication, as well as install updates in a timely manner and use up-to-date anti-malware tools.

What to do if Slack resets your password?

The developers claim that all active accounts requiring a password reset receive direct notifications with instructions. For information about resetting your password, you can visit the Slack Help Center at any time.

The post Slack Is Resetting User Passwords Due to a Bug appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/slack-resets-user-passwords/feed/ 0 9860