Over 2 Million Stolen Passwords Uncovered on Hackers’ Server

Security researchers have recently uncovered a server that was used by hackers to store stolen passwords and account credentials. Trustwave’s SpiderLabs was the company behind this recent discovery, which consisted of a stash of login information for nearly 2 million online accounts. These login credentials were for sites such as Facebook, Yahoo, Google, and Twitter, as well as email accounts, remote desktop and secure shell account authorizations.

At first glance, the majority of the passwords appeared to come from computers in the Netherlands, signifying a possible attack on the Netherlands. In reality, however, most of the entries were in fact a single IP address that operated as a gateway, which resided in the Netherlands. This makes it more difficult to determine the countries that were actually targeted in the attack and nearly impossible to discover the Command-and-Control server. Interestingly, the server was running a botnet controller application called Pony.

“Individual users had the malware installed on their machines and had their passwords stolen. Pony steals passwords that are stored on the infected users’ computers as well as by capturing them when they are used to long into web services.”

Abby Ross, spokesperson for Trustwave

This report comes on the heels of 2 recent security breaches, including vBulletin’s security breach and MacRumors’ theft of more than 860,000 account passwords. When the stolen passwords were revealed, they showed that a large majority of users are still choosing passwords that are easy-to-guess, such as “Password” or “111111”. While people are now choosing longer passwords, those passwords are not necessarily more complicated. Even in this age of computer hackers, security breaches, and online data theft, the number of individuals who use “easy” passwords has actually tripled.

At Forensicon, we have the technology and the experience to assist your company or firm with all digital and electronic security breaches. With over a decade of experience tracking rogue hackers, we can help your company after a hacker has compromised your data or breached your security. More importantly we can help prevent the attack from even beginning. To learn more about how our computer forensic specialists can assist your firm, call us at 1-888-427-5667 or visit us on the web at www.forensicon.com.

Tags: , ,

    Related Posts

  • Staff Recognized for Departing Employee Investigations - The first issue of Corporate Counsel Business Journal, CCBJ,  includes an interview with our Director of Digital Forensics, Yaniv Schiff, and Solutions Architect, Curtis Collette, on the evolution of departing employee investigations. Departing Employee: When Do Investigations Become Necessary? appeared in the print publication, online edition, and on CCBJ’s In-House Tech website. For Increasing Numbers of Employers, Departing Employee Investigations[...Read More]
  • Chicago Office Food Drive – The Results Are In - QDiscovery’s Chicago Office collected nearly 1,000 containers of food for the local food bank this Holiday Season!  Our office competed with sister offices in Indiana and Connecticut.  Alas, we came in third.  Our sister offices each collected nearly 2,000 containers for their local food banks.  Relatively new to the company-wide food drive, the Forensics Division[...Read More]
  • QDiscovery QMobile App Wins Innovation Award - QDiscovery’s QMobile is winner of a 2017 Relativity Innovation Award.  Presented at Relativity Fest, the Innovation Award celebrates organizations that create apps or integrations that extend the functionality of Relativity’s eDiscovery software.   Our development team created an application that makes the analysis of mobile collections much more manageable.  Relativity users can now produce and review mobile[...Read More]
  • Moving and Changing - Acquired by Connecticut-based QDiscovery in 2016, Forensicon’s capabilities multiplied overnight, both in forensics brain power and eDiscovery expertise.  As part of a leading provider of end to end litigation support, moving to larger offices that are more central to the Chicago legal community was inevitable.
  • QDiscovery Named One of the Top 20 Providers of Legal Services! - Leading industry publication, CIO Magazine, has named Forensicon’s parent company, QDiscovery, to it’s  Top 20 Providers of Legal Services.  The annual listing includes 20 companies that are at the forefront of providing legal solutions and impacting the marketplace.  Read the whole article here.  Featured in the publication alongside QDiscovery President, Dave Barrett, is Director of Digital Forensics, Yaniv[...Read More]
No comments yet.

Leave a Reply