Online hackers have successfully stolen more than two million passwords from the biggest social media sites, including Facebook, Twitter and LinkedIn. The details were then posted online, and although victims were spread across the globe, it is claimed by investigators that the majority of these users were based in the Netherlands.
The crime was uncovered when a team of probing a botnet known as ‘Pony’ stumbled across the mass of compromised data. A botnet is a network of hacked computers set up by criminal gangs to enable them to share information and perform a variety of illegal activities. On this occasion, it was noted that the personal data was obtained using keylogger software however.
Does not compute
A number of cases involving hackers using the Pony botnet have been uncovered, although they were mostly described by the researchers as ‘hit and run operations’.
This latest attack seemed to be carried out by a more sophisticated gang, as the stolen data was taken over an extended period of time on a more consistent basis. This more discreet approach to hacking is less likely to set alarm bells ringing thus alerting the authorities.
Customers of internet giants Google and Yahoo were also amongst those affected, as well as a number of Russian social media sites. All sites hit by the scandal were notified by investigators before the story broke, and users whose data was compromised had their passwords reset.
Further studies into the case showed that it was the users themselves who were making it too easy for their accounts to be hacked. The top 10 list of passwords compiled included number combinations such as ‘123456’, ‘1234’ and even ‘1’.
Although many affected had used what most would consider as ‘weak’ passwords, there were some strong ones in there, with the large majority falling into the ‘medium’ category.
Andrew Mason, Security expert from RandomStorm comments:
“This just goes to show about the importance of endpoint security combined with a strong password. Even the strongest password is worthless if the endpoint it is being used on is either untrusted or trusted but insecure allowing a bonnet such as Pony to be run on it and the subsequent password key logger.
“Once the key logger is installed it is very easy to harvest usernames and passwords for whatever the user types in during the course of their normal day. By ensuring proper endpoint security and at a minimum patching and up to date AV deployment these types of attacks can be totally eliminated.
“The second area of concern from the article is the use of weak passwords. Again, without a strong password it makes the job of a hacker so much easier being able to use an automated tool to crack many passwords per second.”
This may not be the first or last time such a large scale attack has occurred, but the number of users wising up to the issue of online security is on the rise. In 2006, only 17% used passwords containing more than 10 characters, but this figure has risen to 46% in 2013.
Photo credit: Lulu Hoeller