As the uproar over the release of the usernames and passwords of millions of users from Tianya, CDSN, and other Chinese web services continues, there are signs that an even larger service may have come under some kind of attack: Netease.
Netease operates one of China’s most popular free email services, and it is that service that has reportedly come under attack. According to TechWeb, news that Netease’s email servers had been attacked was posted on a public forum for reporting hacks earlier this afternoon, and numerous users have since reported their accounts have been compromised.
Unlike the other hacks we’ve seen over the last week, which were actually just public dumps of old username and password databanks, the Netease exploit appears to be an attack in progress. Specifically, users are reporting that suddenly their account is tied to a strange QQ account in the “recover password” section of the site. This means, in essence, that whoever owns those strange QQ accounts has the power to recover other users’ passwords, and even change them so that the original user no longer has access to their account. At least one Netease user has also reported that they were unable to change the QQ number, and that after contacting Netease’s customer service team, they were told to simply register a new account.
Netease has yet to officially respond to these reports, so for now, they should be taken with a grain of salt. If nothing else, though, the reports can be seen as the latest evidence that hacking and information security have suddenly become a big topic of conversation in the Chinese media.
