Two million passwords stolen from Facebook, Twitter and Google
Major sites have begun resetting passwords for compromised accounts, although researchers estimate that most targets were from the Netherlands
Thursday 05 December 2013
More than two million passwords from popular social media sites including Facebook, LinkedIn and Twitter have been stolen and posted online by hackers.
The attack has been described as “fairly global” with victims “scattered all over the world”, although the vast majority of comprised users (some 96.66 per cent) were using computers with IP addresses located in the Netherlands.
Security researchers employed by Trustwave stumbled upon the hoard of stolen data whilst investigating a botnet known as ‘Pony’. Botnets are networks of hacked computers created by criminal gangs to use for a number of illegal tasks online, although it’s thought that these passwords were stolen using keylogger software.
A previous attack using the Pony botnet was described by the researchers as “hit-and-run operation,” whilst this attack was carried out over a number of weeks with the hackers taking in a “fairly stable and consistent” number of passwords each day.
A screencap showing the domains affected.
Other sites targeted included Russian social media sites vk.com and odnoklassniki.ru, as well as Google and Yahoo. Trustwave notified the sites involved before posting their findings online, and spokespersons from both Facebook and Twitter have told the Huffington Post that accounts found on the list have had their passwords reset.
However, it seems that the passwords themselves were not doing much to help protect users in the first place. The researchers noted that the top ten most commonly used passwords in the list included “123456”, “123456789”, “1234”, “password” and “1”.
“And it all goes downhill from there,” wrote the researchers in a blog post. “There were more terrible passwords than excellent ones, more bad passwords than good, and the majority, as usual, is somewhere in between in the Medium category.”
Whilst a similar cache of leaked Myspace passwords from 2006 revealed that the top ten most common passwords comprised 0.9 per cent of the total, this recent leak ups that percentage to 2.4.
However, there is some good news, as users are apparently using longer passwords more consistently. Passwords with more than 10 characters made up 17 per cent of the total in 2006, and in 2013 this figure has risen to 46 per cent.
Life & Style blogs
The Evil Within preview: a survival horror fan’s best worst nightmare
Porn film production likely to stop in Los Angeles after actor tests positive for HIV
The 3D-printed key that can unlock anything
Ice Bucket Challenge: ALS Association doesn't yet know what to do with all of the money raised
Anal sex study reveals climate of 'coercion'
Robin Williams Emmys tribute led by Billy Crystal criticised for including 'racist' joke about Muslim woman
The Rotherham child abuse scandal is a tale of apologists, misogyny and double standards
What do immigrants really think of Britain? Polish immigrant's Reddit post goes viral
Scottish independence TV debate: Pumped-up Alex Salmond bounces back in bruising second round against Alistair Darling
Do you realise just how foolish the UK looks?
With Douglas Carswell joining Ukip, my party has taken another giant step forward
- 1 Keira Knightley topless: Usually conservative actress does own take on #Freethenipple campaign for Interview Magazine
- 2 Oil tanker with $100 million cargo goes missing off Texas coast
- 3 George Galloway left with severe bruising after attack in Notting Hill by man 'shouting about the Holocaust'
- 4 A teacher speaks out: 'I'm effectively being forced out of a career that I wanted to love'
- 5 Lady al-Qa’ida: On the trail of Dr Aafia Siddiqui, the world’s most wanted prisoner
- < Previous
- Next >
iJobs Gadgets & Tech
£28000 - £30000 per annum + Benefits + Bonus: Harrington Starr: Junior VB.NET ...
£40000 - £50000 per annum + Benefits + Bonus: Harrington Starr: C# .NET Web De...
£45000 - £69999 per annum + Benefits + Bonus: Harrington Starr: C# Algo-Develo...
£60000 - £70000 per annum + Benefits + Bonus: Harrington Starr: Senior Data Sc...