It’s thought the passwords and email addresses of more than 6,000 users of YP Chat were put at risk.

In a statement, YouPorn said YP Chat is “operated by a third party and is in no way associated with YouPorn”.

The company say the chat site has been temporarily disabled and will remain offline until an investigation has been carried out.

Brad Black, the vice-president of operations at YouPorn, put the leak down to “poor security practices” at YP Chat.

‘Disheartening’

Writing on YouPorn’s official blog, Black said: “As soon as we became aware of the issue we took immediate steps to block access to YP Chat entirely and a thorough investigation was launched.”

He added: “The security of our users’ information has always been of paramount importance to us.

“The fact that a third-party service provider’s poor security practices could have such a negative impact on YouPorn users is disheartening to say the least.”

A spokesperson for YouPorn’s parent company, Manwin Holding SARL, said: “YouPorn continues to ensure that all appropriate measures and tools are in place to safeguard the privacy of its users.”

Manwin Holding run some of the world’s most popular online pornography sites.

YouPorn is one of the 100 most popular websites in the world, according to web analysis company Alexa.

As mobile phones get more sophisticated, hi-tech criminals are dusting off some old tricks.

Security companies have noticed a rise in trojans known as diallers that used to be popular during the days of dial-up net access.

On a smartphone the diallers are being used to call premium rate lines leaving victims with a big bill.

Experts say the diallers are proving popular as a quick way for criminals to cash in.

Diallers were widely used during the days of dial-up net access when most people connected via modem.

Many diallers lurked on porn sites and, once they snared a victim, disconnected their modem and then placed a long distance call. Many victims were left with huge phone bills.

The economics of international calls meant that some of the cash spent on the call would be shared with the criminals. Some diallers were very sneaky in that they muted the speaker on a modem so victims could not spot when the overseas call was being placed.

Now, the security wing of software firm CA has said it is seeing a rise in diallers for smartphones. This time, instead of calling international numbers, the diallers call premium rate lines and land victims with the bill.

Writing on the CA security blog, Akhil Menon said it was seeing a “an increasing trend of trojan diallers”. Mr Menon profiled one such virus, called Swapi.B, which sends premium SMS messages.

“The messages sent out are in the typical format to invoke premium services and land the mobile user with heavy mobile bills without the user’s knowledge and consent,” wrote Mr Menon.

Many diallers, including Swapi.B, are contracted from porn sites which disguise themselves as software, video clips or helper programs.

Mikko Hypponen, head of research at F-Secure which makes security software for mobiles, said it had seen a “handful” of diallers in recent months.

They were popular, he said, because they get round one of the big problems facing anyone wanting to make money out of Windows viruses.

“PC malware can’t just directly steal money from your machine; it has to jump through hoops like keylogging your credit card number or sending spam,” he said.

“However, mobile malware can just instantly steal from you by making premium-rate calls or messages,” said Mr Hypponen.

Some creators of diallers were also working to ensure that it was hard to shut down the premium rate service they had set up to cash in.

Mr Hypponen said some diallers sent messages or rang many different numbers, including legitimate ones.

“The trojan can place calls to, say, 100 different premium-rate numbers, only one of which is his own number,” said Mr Hypponen.

“How would you fight this? Shut down all the numbers, including the innocent ones?”

Unlike most phishing attacks, which tend to target banks and other financial firms with the goal of monetary gain, this attack is much more worrisome. While the kind of information that could be stolen in such an attack could be sold for huge sums on the black market, the other implications are far more serious. Should a hacker gain access to a military or intelligence computer there is no telling what kind of havoc they could wreak. It could result in a national security crisis. This should be of particular concern to the US government, which has come under fire in recent months for its poor cyber security practices. Last week, the Bipartisan Policy Center hosted a simulation of a cyber attack on the US and the government failed miserably. Security experts say the government is woefully unprepared for a cyber attack and that it’s no longer a question of if one will occur, but when.

Source: Sue Walsh March 2010

Investigating the possibilities will ultimately save you time, money and the hassle of wondering “Is this email or website for real?”

Email your feedback to us via the contact us form.

http://www.hoax-slayer.com

All the Best!

Vangelis Solutions