[Asia Economy Reporter Seungjin Lee] Account hijacking incidents are occurring one after another. The managers of the affected services uniformly advise users to change their passwords and check their personal security levels. However, in an era flooded with platforms, users have dozens of accounts whose very existence they have forgotten. It is time to stop placing the responsibility solely on individuals and for the platforms themselves to prepare countermeasures against account hijacking.
Account hijacking has become almost a daily occurrence. Naver’s ‘Band,’ which celebrated its 11th anniversary this year, is a representative community service in Korea. As of August last year, the cumulative number of Bands reached 53 million, with a total of 6.1 billion posts. Naver plans to apply and expand Band’s community capabilities to various global services.
But before that, the account hijacking issue must be resolved. One Band with nearly 1,000 members has had no new posts for weeks, yet its membership kept increasing daily. The peculiar point is that all members’ display names are identical. Some even had the same profile pictures. All of these are hijacked accounts. Nevertheless, the Band remains unattended, with no sanctions from the service. Among the 53 million Bands, there is one made up essentially of hijacked accounts.
These hijacked accounts fell victim to a method called ‘credential stuffing.’ This technique involves indiscriminately trying IDs and passwords that were already leaked or stolen elsewhere against other platforms in order to steal personal information. Hundreds or thousands of accounts are hijacked and used for illegal activities such as adult advertisements, but the account owners remain unaware. If users had been notified of the hijacking by any means, they would have taken action.
Platform operators may feel they are being treated unfairly when it comes to account hijacking. They invest astronomical amounts to enhance their own security capabilities. Their stance is that they cannot prevent personal information leaks that occur externally. However, leaving clearly suspicious hijacked accounts and the communities formed by them unattended is another issue. Actively sanctioning suspected hijacked accounts and the communities they form is solely the responsibility of the platform operators.
Last month, financial damage occurred on Gmarket due to account hijacking. Gmarket announced compensation for damages and measures to prevent recurrence through a notice only 10 days after the incident. As the controversy escalated, the e-commerce industry belatedly began to prepare countermeasures to prevent account hijacking.
Account hijacking damage continues even now. The platform environment has become too vast to blame only users who do not frequently change their passwords. Platform operators need to go beyond two-factor authentication and actively identify account hijacking cases by analyzing unusual user access patterns.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![[Reporter’s Notebook] Ongoing Account Hijacking: Are Users Who Don't Change Passwords the Only Ones to Blame?](https://cphoto.asiae.co.kr/listimglink/1/2023020307374912355_1675377469.jpg)

