Wannabe Cyber Gang Hacks University of Miami Librarians

A group claiming to be a hacker organization called “CyberVor’’ has breached email accounts connected to the University of Miami.

A tweet from the Twitter account of @cybervor posted on July 12 stated: “Miami University #Hacked #Leaked.’’

A link in the tweet led to a website featuring a dragon. The site included a statement in Russian: “We are the Russian dragon of the Internet. You are next. Greetings, University of Miami. We are CyberVor. We have been watching you for many years. … We are evil and hostile, and we don't make compromises. We are tireless.’’

It displayed about 200 email addresses and usernames. Encrypted passwords were listed as well.

IT security firm SecurityScorecard said it has investigated the case and that the email addresses belong to the school’s library staff. It is not known whether the hackers decrypted the passwords.

“Even if the hackers did nothing beyond releasing the dumped information — usernames, email addresses, hashed passwords— it is quite possible that unaffiliated third party hackers cracked the passwords,’’ said Alex Heid, the firm’s chief research officer.

CyberVor alleged some university staff members used the username “admin’’ and the password “admin.’’

The hacker group’s true identity is uncertain. “CyberVor” is the name Alex Holden, a cybercrime expert, previously made up for a Russian cyber gang he discovered. The crime ring had built a database consisting of 1.2 billion stolen user name and password combinations.

Regarding the Miami event, Holden says there are differences between the mega-breach and the university’s case. For one, he said, a cyber gang normally doesn’t give itself a nickname.

“And the Russian language that the UM hackers used in their message seemed to be translated with the help of Google Translate,’’ he said.