Protonmail hacked …. a very strange scam attempt

  • 17 November 2018
  • 1 reply
  • 158 views

Userlevel 7
Badge +54
November 17, 2018  By Pierluigi Paganini
 

A hacker going online by the moniker AmFearLiathMor is claiming to have hacked the most popular end-to-end encrypted email service ProtonMail.

 
At the time it is not clear if the hacker belongs to a cyber crime gang, it claims to have stolen a “significant” amounts of data from the company.
 
The ransom demand (archive.is link) was posted on Pastebin, the hacker claims to have compromised user’s email and also accused ProtonMail of sending user’s decrypted data to American servers.
 
AmFearLiathMor also wrote that ProtonMail hasn’t configured the mandatory Subresource Integrity (SRI) allowing tampering and data collection.
 
“We hacked Protonmail and have a significant amount of their data from the past few months.  We are offering it back to Protonmail for a small fee, if they decline then we will publish or sell user data to the world.” wrote the hacker.
 
Full Article.

1 reply

Userlevel 7
Badge +54
November 16th, 2018,  By Lawrence Abrams
 


 
A person or group claiming to have hacked ProtonMail and stolen "significant" amounts of data has posted a lengthy ransom demand with some wild claims to an anonymous Pastebin. ProtonMail states it's complete BS.
 
According to the message, a hacker going by the name AmFearLiathMor makes quite a few interesting claims such as hacking ProtonMail's services and stealing user's email, that ProtonMail is sending their user's decrypted data to American servers, and that ProtonMail is abusing the lack of Subresource Integrity (SRI) use to purposely and maliciously steal their user's passwords.
 
Full Article.

Reply