Share the post "Millions Of Hacked Accounts On Sale For $1:Reports"
Media reports have claimed that hundreds of millions of hacked usernames and passwords for email accounts and other websites are being traded in Russia’s criminal underworld.
The discovery of 272.3 million stolen accounts included a majority of users of Mail.ru, Russia’s most popular email service, and smaller fractions of Google, Yahoo and Microsoft email users.
It is one of the biggest stashes of stolen credentials to be uncovered since cyberattacks hit major US banks and retailers two years ago. The finding has been done by Alex Holden, founder and chief information security officer of Hold Security who was previously instrumental in uncovering some of the world’s biggest known data breaches, The latest discovery came after Hold Security researchers found a young Russian hacker bragging in an online forum that he had collected and was ready to give away a far larger number of stolen credentials that ended up totalling 1.17 billion records.
Holden said, the cache contained nearly 57 million Mail.ru accounts – a big chunk of the 64 million monthly active email users Mail.ru said it had at the end of last year. It also included tens of millions of credentials for the world’s three big email providers, Gmail, Microsoft and Yahoo, plus hundreds of thousands of accounts at German and Chinese email providers.
The hacker asked just 50 roubles, less than $1 for the entire trove, but gave up the dataset after Hold researchers agreed to post favourable comments about him in hacker forums.
Such large-scale data breaches can be used to engineer further break-ins or phishing attacks by reaching the universe of contacts tied to each compromised account, multiplying the risks of financial theft or reputational damage across the web.