A group of Russian cyber criminals attacked 500 million email addresses and stole 1.2 billion usernames and passwords.
According to US cyber security company Hold Security, the gang has the largest cache of stolen data in the history of cyber crime.
In a blog post written by Hold Security, the company said it took seven months of research to track down the data breach. The company nicknamed the Russian gang CyberVor (“vor” means “thief” in Russian).
The company claimed CyberVor hacked over 420,000 web and FTP sites to obtain over 4.5 billion records, 1.2 billion of which “appear to be unique”.
Of the 420,000 websites, the hackers didn’t target just large company websites. “Instead, they targeted every site their victims visited. With hundreds of thousands sites affected, the list includes many leaders in virtually all industries across the world, as well as a multitude of small or even personal websites,” said the blogpost.
Hold stated that the hackers obtained databases of stolen credentials from other hackers on the black market. These were then used to attack e-mail providers, social media, and other websites to send spam to victims and install malicious redirections.
CyberVor also accessed data from botnet networks. Botnets allow a network of infected computers to be controlled by one system. They can track victims’ systems to identify weaknesses, which are then manipulated to steal data from websites’ databases.
Hold Security advises companies to check if websites are susceptible to SQL injection.
“It is hard to spot and it may be not on your main site but on one of your auxiliary sites instead. If your websites are vulnerable, this is not the last time you can be victimised,” said the company.
Source:
http://www.computerweekly.com/news/...steal over a billion usernames and passwords_
According to US cyber security company Hold Security, the gang has the largest cache of stolen data in the history of cyber crime.
In a blog post written by Hold Security, the company said it took seven months of research to track down the data breach. The company nicknamed the Russian gang CyberVor (“vor” means “thief” in Russian).
The company claimed CyberVor hacked over 420,000 web and FTP sites to obtain over 4.5 billion records, 1.2 billion of which “appear to be unique”.
Of the 420,000 websites, the hackers didn’t target just large company websites. “Instead, they targeted every site their victims visited. With hundreds of thousands sites affected, the list includes many leaders in virtually all industries across the world, as well as a multitude of small or even personal websites,” said the blogpost.
Hold stated that the hackers obtained databases of stolen credentials from other hackers on the black market. These were then used to attack e-mail providers, social media, and other websites to send spam to victims and install malicious redirections.
CyberVor also accessed data from botnet networks. Botnets allow a network of infected computers to be controlled by one system. They can track victims’ systems to identify weaknesses, which are then manipulated to steal data from websites’ databases.
Hold Security advises companies to check if websites are susceptible to SQL injection.
“It is hard to spot and it may be not on your main site but on one of your auxiliary sites instead. If your websites are vulnerable, this is not the last time you can be victimised,” said the company.
Source:
http://www.computerweekly.com/news/...steal over a billion usernames and passwords_