Friday, 6 December 2013

Hackers compromise 2 million Facebook, Twitter and Gmail Accounts



More than 2 million accounts have been compromised from popular sites such as Google, Yahoo, Twitter, Facebook and LinkedIn after malware captured login credentials from users worldwide, according to a new report.
According to web security firm Trustwave, hackers have stolen login usernames and passwords across various sites in the past month with the help of Pony malware, which makes this a bit different from a typical breach.
“Although these are accounts for online services such as Facebook, LinkedIn, Twitter and Google, this is not the result of any weakness in those companies’ networks,” said Abby Ross, a spokesperson for Trustwave. “Individual users had the malware installed on their machines and had their passwords stolen.”
Although the culprit behind the hack remains unknown, Trustwave wrote on its blog that two targets were Russian-speaking social networking sites (vk.com and odnoklassniki.ru), which could hint at the virus’ origin.
“The malware was configured so that the majority of the credential information was sent to a server in the Netherlands,” Ross said. “The server does not show from which countries the information came from so we cannot break down exactly how many users from each country were affected. However, we can confirm the attackers targeted users worldwide including in the US, Germany, Singapore, Thailand and others.”
It’s also important to note that the stolen credentials were never publicly posted online. Trustwave researchers were able to access a command and control server used by the Pony botnet and recovered the passwords from there.
“We have reached out to the major service providers affected and they are taking steps to inform their users or remediate the compromised accounts,” Ross told Mashable.
Facebook accounted for about 57 per cent of the compromised accounts, followed by Yahoo with 10 per cent, Google with 9 per cent and Twitter with three per cent.
The report also indicates that payroll service provider adp.com had nearly 8,000 passwords compromised. As Trustwave points out, “Facebook accounts are a nice catch for cyber criminals, but payroll services accounts could actually have direct financial repercussions.” ADP has also contacted affected users.
According to the report, 318,000 of the passwords stolen came from Facebook, approximately 70,000 from Google, 54,000 from Yahoo and 21,000 from Twitter. Passwords from other sites, such as LinkedIn, were also compromised.
Interestingly, the report also identified the most common passwords among those stolen. 15,000 of the passwords were “123456” while another 5,000 were “123456789”. “1234”, “password” and “12345” rounded out the top 5. This list shows that even amid attempts by websites to convince users to create more secure passwords, many still use those that are the easiest to crack.
A Facebook spokesperson told Mashable the company has already reached out to those with compromised accounts.
“While details of this case are not yet clear, it appears that people’s computers may have been attacked by hackers using malware to scrape information directly from their web browsers,” a Facebook spokesperson told Mashable.
Facebook added that its users can protect themselves when using the site by activating login approvals and login notifications in their security settings.
“[These users] will be notified when anyone tries to access their account from an unrecognized browser and new logins will require a unique passcode generated on their mobile phone,” the spokesperson said.
The company also discovered most of the compromised passwords were considered “weak.”
“In our analysis, passwords that use all four character types and are longer than 8 characters are considered ‘excellent,’ whereas passwords with four or less characters of only one type are considered ‘terrible,’” Trustwave wrote on its blog. “Unfortunately, there were more terrible passwords than excellent ones, more bad passwords than good, and the majority, as usual, is somewhere in between in the medium category.”
Source: mashable.com
