.jpg)
f you’re a regular Facebook, Twitter or Google user it might be a good idea to change your password.
Security experts investigating cybercriminals in Netherlands have discovered two million account details on a server that were stolen from popular sites and email providers.
It is thought the server was used to control a network of compromised computers, known as 'zombies', that were attached to the malicious Pony botnet.
The account information found includes 318,000 Facebook accounts, a total of 70,500 Gmail, Google and YouTube accounts, 59,500 Yahoo credentials and 21,700 Twitter login details.
According to security firm Trustwave, which found the files, the breach affects users across the world in the UK, U.S., Russia, Germany, Singapore, Thailand, and more.
Trustwave’s SpiderLabs said it has contacted authorities in the Netherlands to take down the server, and all the sites and services affected have also been informed.
The internet service providers of infected computers have also been notified.
SpiderLabs additionally analysed the list of passwords found on the server and discovered the most common was ‘123456,’ - used in almost 16,000 accounts.
Others in the top 10 list included ‘password,’ ‘admin,’ and ‘123’.
Graham Cluley, an independent security expert, said it is extremely common for people to use such simple passwords and also re-use them on multiple accounts, even though they are extremely easy to crack.
‘People are using very dumb passwords. They are totally useless,’ he said.
A botnet, short for robot network, infects computers and wires them up to a hacking server. Infected computers are then known as zombies.
Some networks have tens of thousands of zombies that can be controlled remotely and hackers use them to either send
spam or crash other websites through Denial of Service attacks.
The Pony botnet infects computers and then uses keylogging software to steal details. It does this by recording which keys are being pressed on a keyboard and sending this information to the hackers.
This particular hack is thought to have begun on 21 October and there may be other servers in the region controlling the botnet.
Facebook and Twitter said they have already reset the passwords of affected users but with more servers suspected, security experts are advising users to change their passwords as a precautionary measure.
As the virus runs in the background and is hidden, security experts are also advising people to make sure their antivirus software, browsers and other applications are up-to-date in case their computer is a zombie.
0 comments:
Post a Comment