Mumsnet’s founder suffers swatting attack
However, it was soon discovered that the DDoS incident served as cover for a more sophisticated hack which has resulted in hackers being able to take control of user accounts after breaching the forum’s administrative systems.
The home of the co-founder of popular parenting website Mumsnet was visited by armed police last Tuesday night after someone reported that a gunman was prowling around.
The cyber attack initially consisted of a Denial Of Service (DOS) attack, where an attempt is made to make a website unavailable to its users. Common among online hacking collectives, this attack bombards a website with traffic until it is knocked offline.
In the aftermath it was found that at least 11 user accounts were compromised; this is thought to have been through phishing attacks, however.
“Businesses need to be savvy to users” “normal’ behaviour – if someone logs in from Reading at 10am, and then again from Moscow at 11am, the chances are it isn’t the same person”, he explained.
A spokeswoman from the Metropolitan Police was unable to comment on the swatting attack.
The spiteful trend, which originated in the US, usually involves having a SWAT or armed police team sent to someone’s home or business to cause as much inconvenience as possible. A second incident saw armed police arrive at the house of someone who interacted with Dad Security over Twitter.
She wrote: “An armed response team turned up at my house last week in the middle of the night, after reports of a gunman prowling around”.
“Needless to say, she and her young family were pretty shaken up”, Ms Roberts wrote.
She added: “It’s worth saying that we don’t believe these addresses were gained directly from any Mumsnet hack, as we don’t collect addresses”.
Scotland Yard said detectives were investigating a hoax call that brought armed police to an address in Islington, north London, amid claims that a murder had taken place.
“We take great care to protect the information you give us and not to ask for or store any more information than we need to run the site, but though we can’t know how many accounts have been affected, there have been enough breaches for us to ask all Mumsnet users to change their passwords”, said Roberts.
A Twitter account linked to the incident, called DadSecurity, has since been suspended. It isn’t clear if these passwords have since been reset by Mumsnet.
She said: “It is a reasonable assumption, and our working one, that the passwords of everybody that has logged since August 6 2015, and possibly some time before that, have been collected”. “This member would like to remain anonymous”, the group said, promising that the original cyber-attack “was only the start”.
IBTimes UK has confirmed that a selection of the 3,037 user names listed are those of Mumsnet users.
Some of the sites 7.7 million users had their passwords published online however Roberts stated that the hackers could not have accessed users address directly from the hack because Mumsnet does not hold that information.