. However , good news is that all passwords have been reset . Therefore it ’ s too early to assume what happened or how attackers were able to accessAttack.Databreachthe database . Nevertheless , the administrators believe that it could be because of a phishing attackAttack.Phishing. It must be noted that one of the forum ’ s staff members was also impactedAttack.Databreachby the breachAttack.Databreachwhich is not surprising since hackers are successfully cracking passwords from previous data breachesAttack.Databreachand using them for further attacks . More : 21 Million Decrypted Gmail , 5 Million Yahoo Accounts Being Sold on Dark Web The forum is implementing new security measures including site-wide HTTPS support , 2-step authentication requirement for their staff and passwords randomizing of inactive accounts . This is not the first time when Android Forums was security issues . In 2012 , the forum suffered a massive data breachAttack.Databreachin which user credentials of 1 million users were stolenAttack.Databreach. At the time of publishingAttack.Phishingthis article , the Android Forums was down for scheduled maintenance but you can still go through the security notice through Google Cache
To understand why it is so difficult to defend computers from even moderately capable hackers , consider the case of the security flaw officially known asVulnerability-related.DiscoverVulnerabilityCVE-2017-0199 . The bug was unusually dangerous but of a common genre : it was in Microsoft software , could allow a hacker to seize control of a personal computer with little trace , and was fixedVulnerability-related.PatchVulnerabilityApril 11 in Microsoft ’ s regular monthly security update . But it had traveled a rocky , nine-month journey from discovery to resolution , which cyber security experts say is an unusually long time . Google ’ s security researchers , for example , give vendors just 90 days’ warningVulnerability-related.DiscoverVulnerabilitybefore publishingVulnerability-related.DiscoverVulnerabilityflaws they findVulnerability-related.DiscoverVulnerability. Microsoft Corp ( MSFT.O ) declined to say how long it usually takes to patchVulnerability-related.PatchVulnerabilitya flaw . While Microsoft investigated , hackers foundVulnerability-related.DiscoverVulnerabilitythe flaw and manipulated the software to spy on unknown Russian speakers , possibly in Ukraine . And a group of thieves used it to bolster their efforts to stealAttack.Databreachfrom millions of online bank accounts in Australia and other countries . Those conclusions and other details emerged from interviews with researchers at cyber security firms who studied the events and analyzed versions of the attack code . Microsoft confirmed the sequence of events . The tale began last July , when Ryan Hanson , a 2010 Idaho State University graduate and consultant at boutique security firm Optiv Inc in Boise , foundVulnerability-related.DiscoverVulnerabilitya weakness in the way that Microsoft Word processes documents from another format . That allowed him to insert a link to a malicious program that would take control of a computer . The company often pays a modest bounty of a few thousands dollars for the identification of security risks . Soon after that point six months ago , Microsoft could have fixedVulnerability-related.PatchVulnerabilitythe problem , the company acknowledgedVulnerability-related.DiscoverVulnerability. But it was not that simple . A quick change in the settings on Word by customers would do the trick , but if Microsoft notifiedVulnerability-related.DiscoverVulnerabilitycustomers about the bug and the recommended changesVulnerability-related.PatchVulnerability, it would also be telling hackers about how to break in . Alternatively , Microsoft could have createdVulnerability-related.PatchVulnerabilitya patch that would be distributedVulnerability-related.PatchVulnerabilityas part of its monthly software updates . But the company did not patch immediatelyVulnerability-related.PatchVulnerabilityand instead dug deeper . It was not aware that anyone was using Hanson ’ s method , and it wanted to be sure it had a comprehensive solution . “ We performedVulnerability-related.PatchVulnerabilityan investigation to identify other potentially similar methods and ensure that our fix addresses [ sic ] more than just the issue reported , ” Microsoft said through a spokesman , who answered emailed questions on the condition of anonymity . “ This was a complex investigation. ” Hanson declined interview requests . The saga shows that Microsoft ’ s progress on security issues , as well as that of the software industry as a whole , remains uneven in an era when the stakes are growing dramatically . Finally , on the Tuesday , about six months after hearing from Hanson , Microsoft madeVulnerability-related.PatchVulnerabilitythe patch availableVulnerability-related.PatchVulnerability. As always , some computer owners are lagging behind and have not installed it . Ben-Gurion University employees in Israel were hacked , after the patch , by attackers linked to Iran who took over their email accounts and sent infected documents to their contacts at technology companies and medical professionals , said Michael Gorelik , vice president of cyber security firm Morphisec . When Microsoft patchedVulnerability-related.PatchVulnerability, it thanked Hanson , a FireEye researcher and its own staff . A six-month delay is bad but not unheard of , said Marten Mickos , chief executive of HackerOne , which coordinates patching efforts between researchers and vendors . “ Normal fixing times are a matter of weeks , ” Mickos said . Privately-held Optiv said through a spokeswoman that it usually gives vendors 45 days to makeVulnerability-related.PatchVulnerabilityfixes before publishing researchVulnerability-related.DiscoverVulnerabilitywhen appropriate , and that it “ materially followed ” that practice in this case . If the patchingVulnerability-related.PatchVulnerabilitytook time , others who learned of the flaw moved quickly . On the final weekend before the patch , the criminals could have sold it along to the Dridex hackers , or the original makers could have cashed in a third time , Hultquist said , effectively staging a last clearance sale before it lost peak effectiveness . It is unclear how many people were ultimately infected or how much money was stolen .