Researchers Find Server With Two Million Stolen Passwords

Wednesday, 04 Dec 2013 10:51 PM

By Cathy Burke

  Comment  |
   Contact Us  |
|  A   A  
  Copy Shortlink
Researchers have reportedly found a server storing more than 2 million pilfered passwords, most of them unlocking accounts on mega-popular websites such as Facebook, Yahoo, Google and Twitter.

About 318,121 user names and passwords for Facebook; 59,549 for Yahoo; 54,437 for Google; and 21,708 for Twitter were unearthed, says a blog post published Tuesday by researchers from security firm Trustwave's Spider Labs.

Spider Labs says it uncovered the bounty of potentially valuable log-ins during an Internet sweep for the Pony botnet controller, a malware-spreading set of programs the researchers say they're increasingly encountering online.

This means the passwords were leaked not by Facebook and the other websites but from thousands of infected computers that collected the data when users logged onto their accounts, NBC News reported.

Spider Labs said 97 percent of the total appeared to come from computers in the Netherlands, followed by Thailand, Germany, Singapore, and Indonesia. U.S. accounts comprised 0.1 percent, with 1,943 compromised passwords.

In all, the data may have come from as many as 102 countries.

"As is often the case with mass password leaks, the discovery by Spider Labs underscores the poor security hygiene of many users," Ars Technica reported.

"The usual offenders were there," the website reported, including "123456," used in 15,820 instances; "123456789," used in 4,875 cases; "1234," in 3,135 instances; and "password," in 2,212 cases.

"Overall, Spider Labs rated 6 percent of the passwords 'terrible,' 28 percent 'bad," 44 percent 'medium,' 17 percent 'good,' and just 5 percent 'excellent'," the website reported.

"Facebook takes people's information security extremely seriously and we work hard to protect it," a Facebook spokesperson told NBC News.

"While details of this case are not yet clear, it appears that people's computers may have been attacked by hackers using malware to scrape information directly from their Web browsers."

Facebook's recommendation is to engage the site's two-factor authentication, which requires a passcode from your phone as well as your standard password.

Twitter, Yahoo, Google, and others have a similar option, NBC News noted.

Related Stories:

© 2014 Newsmax. All rights reserved.

  Comment  |
   Contact Us  |
  Copy Shortlink
Around the Web
Join the Newsmax Community
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
Retype Email:
Zip Code:
Hot Topics
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
Around the Web
You May Also Like

Pro-Russian Group Denies Producing Ukraine Jewish 'Registration' Leaflets

Thursday, 17 Apr 2014 15:07 PM

Ukrainian Jews leaving Passover eve prayers were handed leaflets ordering them to either register with an interim govern . . .

Gallup Poll: Record Disapproval Ratings for Obama on Economy

Thursday, 17 Apr 2014 22:41 PM

More than half of Americans said they had virtually no confidence in President Barack Obama's ability to improve the nat . . .

Ben Carson: Americans 'Being Played' by Those Who Seek Division

Thursday, 17 Apr 2014 22:02 PM

Retired pediatric neurosurgeon Dr. Ben Carson said Thursday that Americans are "being played by those people who want to . . .

Newsmax, Moneynews, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, NewsmaxWorld, NewsmaxHealth, are trademarks of Newsmax Media, Inc.

America's News Page
©  Newsmax Media, Inc.
All Rights Reserved