Skip to main content

CloudFlare boss's Gmail hacked in redirect attack on 4Chan

posted onJune 4, 2012
by l33tdawg

Content distribution network CloudFlare reset all its customer API keys over the weekend after its CEO’s personal and corporate Gmail was breached in an “elaborate” attack on one customer, which appears to have been the 4Chan message board. 

According to CloudFlare CEO Matthew Prince, "a hacker" last Friday exploited a “subtle flaw” in Google App’s Gmail password recovery process, allowing them to break into his personal account, breach his CloudFlare.com Gmail address, bypass Gmail’s two-factor authentication (TFA), and redirect one customer’s website.

UGNazi, the hacker group that claimed credit for the huge breach at billing software provider WHMCS, has also laid claim to the attack on CloudFlare, according to a report by Softpedia. Prince said on Saturday Google confirmed there was a “subtle flaw affecting not 2-step verification itself, but the account recovery flow for some accounts.” Google said it had now blocked that attack vector.

Source

Tags

Privacy GMail 4Chan Hackers

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th